(While navigating through the site, please be sure to disable your pop-up blocker.)
Research Security Officer
The mission of The University of Texas MD Anderson Cancer Center is to eliminate cancer in Texas, the nation, and the world through outstanding programs that integrate patient care, research, and prevention, and through education for undergraduate and graduate students, trainees, professionals, employees and the public.
The Research Security Officer (RSO) holds executive responsibility for the strategy, planning, execution, monitoring, and assessment of all institutional initiatives undertaken to address research security risks posed to the MD Anderson research environment, including discovery development, discovery commercialization, and international collaborations.
Collaborating with the Chief Scientific Officer, the Chief Cybersecurity Officer, the Chief Technology and Data Officer, the Chief Compliance Officer, and other key executive leaders, the RSO oversees and provides direction for the development, maintenance, and ongoing enhancement of a secure environment for researchers and institutional discoveries to protect themselves and their publication rights as well as institutional research protocols, institutional data, and institutional methodologies while enabling an efficient and effective infrastructure for such work. The RSO works with key stakeholders including Data Governance, Cybersecurity, Institutional Compliance, and Legal Services to ensure the approaches implemented align with federal and state regulatory requirements.
The RSO facilitates education, training, and communication related to research security to promote awareness and engagement across the institution. Additionally, the RSO serves as MD Anderson’s point of contact with government officials, external advisory boards, and other non-institutional entities.
JOB SPECIFIC COMPETENCIES
Strategic Leadership: Leads the creation of a Research Security Program Office (RSPO) that aligns with institutional strategies and supports research goals.
• Establishes a central Research Security Program Office (RSPO) to collect and analyze information from all relevant sources to identify research security concerns (e.g., undue foreign influence, talent programs and state-sponsored actors, insider threats, corporate espionage, conflicts of interest, research misconduct, research integrity, data exfiltration) and to initiate appropriate response actions.
• Provides high-level consultation to executive leadership in assessing and mitigating identified threats to MD Anderson research data and research efforts.
• Consults with The University of Texas System (UT System) Research Security Officer in exploring or sharing systemwide issues.
• Creates the institutional Research Security Plan and Policy.
• Serve as the institution’s primary subject matter expert for National Security Presidential Memorandum 33 (NSPM-33); Texas Senate Bill 1565 (S.B. 1565), and related research security guidance and directives.
• Monitors the regulatory environment to identify emerging requirements and enforcement activities as they arise, alerting executive leadership and adjusting institutional strategy and operations as needed.
• Identifies resources necessary to operate an effective and comprehensive RSPO and program.
• Fosters a collaborative relationship with the Division of Legal and Regulatory Affairs (inclusive of Legal Services, Institutional Compliance, Internal Audit, Export Control, and Conflict of Interest) whereby advice of counsel is regularly provided to ensure that research security activities stay within legal boundaries.
• Helps develop and enters into appropriate Memoranda of Understanding (MOU) with Institutional Compliance, Cybersecurity, Data, Research Administration, the Office of Sponsored Projects, and other research security stakeholders to ensure appropriate coordination and information and task sharing for research security-related operations. Such operations should include procedures by which information from across the institution will be accessible by RSPO personnel and responding to active research-related concerns, including but not limited to potential insider threats or foreign influence to the research infrastructure and assets.
• Serves as the Chair of the Science, Technology, and Research Compliance Committee (STARCC).
• Serves as a member of the Executive Institutional Compliance Committee (EICC).
Operational Leadership: Develops operational processes, standards, and procedures to ensure a robust RSPO that meets ever-evolving institutional needs.
• Develops research security response protocols and procedures, and designs processes to centrally manage and disseminate all institutional research security response actions.
• Ensures research security program interests are incorporated into the organizational enterprise and considered in policy and acquisition strategies.
• Establishes a system of records to properly record and document program activities.
• Establishes a system to obtain current reporting on research security threats, trends, and methods.
• Employs a research security risk assessment capability for the institution and incorporates the results into the institution’s critical asset identification and risk assessment processes.
• Establishes appropriate mechanisms to ensure the proper use of information and the adherence to privacy, civil liberties, and whistleblower protections within all research security activities in concert with the institution’s Chief Legal Officer and civil liberties and privacy officials.
• Coordinates with Institutional Compliance and others as needed to assist with investigating research security threats and allegations of research security misconduct.
• Encourages innovation, creativity, and efficiency in solving research security problems.
• Leverages information-gathering, analytic, investigative, and operational resources from across the institution to ensure that each insider threat or foreign influence concern is documented, promptly investigated, and resolved.
• Develops mechanisms to regularly discuss research security issues with the same stakeholders that assisted in the development of the institution’s Research Security Plan and Policy.
• Conducts periodic self-assessments of the adequacy of the institution’s research security and compliance with the Research Security Plan and Policy.
• Drafts an annual report for the President and Executive Leadership Team on the progress and/or status of program.
• Regularly collaborates with institutional leaders as the institution’s primary advocate for research security preparedness, including the Chief Financial Officer to identify and justify future personnel and budgetary requirements for the program.
Institutional Engagement and Awareness: Serves as the institutional ambassador for RSPO initiatives, providing education and promoting understanding of research security.
• Serves as an ambassador for the research security program while promoting a positive culture of awareness.
• Acts as the institutional focal point to coordinate and respond to requests for information.
• Builds and maintains necessary internal and external partnerships to draw in expertise and collaboration from other sources, including federal law enforcement.
• Develops research security training for the workforce per the Research Security Plan and Policy. Ensures training is conducted on a routine basis and incorporated into various mandatory training vehicles.
• Disseminates institution-wide information about research security activities that should be shared with the program along with reporting mechanisms.
• Other duties as assigned
REQUIREMENTS
Education: Master’s degree in a scientific research or security-related field.
Preferred Education: Doctorate (Professional) degree in a scientific research or security-related field.
Experience: Ten years of related experience in a scientific research or security-related field to include at least five years of leadership experience.
Preferred Experience: Ten years of related experience in a scientific research or security-related field employed in a research-driven academic healthcare environment.
Preferred Certification: Federal security clearance of Secret or above. Certified Information Systems Security Professional (CISSP) or equivalent relevant security certification such as a Computer Emergency Response Team (CERT) Insider Threat Program Manager (ITPM) Certificate.
**** Work location Hybrid if located in the State of Texas *****
It is the policy of The University of Texas MD Anderson Cancer Center to provide equal employment opportunity without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, disability, protected veteran status, genetic information, or any other basis protected by institutional policy or by federal, state or local laws unless such distinction is required by law. http://www.mdanderson.org/about-us/legal-and-policy/legal-statements/eeo-affirmative-action.html