Chief Research Security and Export Control Officer, Academic Affairs, Research and Student Success & Audit and Compliance UT System Administration

Reporting to the Associate Vice President for Research (AVPR) and the Executive Director of Institutional compliance (EDIC) the Chief Research Security and Export Control Officer (RSECO) is responsible for implementing and overseeing the University of Tennessees Research Security and Export Control programs to ensure the integrity and security of the Universitys research by implementing and enforcing regulations related to export controls foreign influence research compliance Financial Conflicts of Interest/Conflicts of Commitment visiting scholars access to research and/or clinical facilities and resources Responsible Stewardship of Research Data and Responsible Conduct in Research among others. The RSECO will work closely with campus and institute counterparts to promote and facilitate compliance with federal and state laws and regulations federal sponsor requirements and guidelines and the Universitys policies and procedures governing research security and export control across research academic and business activities. Additional the RSECO will serve as the Export Control Officer for select campuses and institutes within the UT System.

Specific responsibilities include but are not limited to:

In close coordination with the AVPR and the EDIC the RSECO will implement policies and procedures to protect UT research from threats like foreign influence intellectual property theft and non-compliance with federal regulations focusing on areas such as export control cybersecurity and personnel security:

• Regulatory Compliance: Ensure the UT system campuses and institutes and their research adhere to federal and state policies including those related to foreign influence export controls (ITAR EAR OFAC) controlled unclassified information (CUI) and cybersecurity standards (e.g. NIST SP 800-171).
• Risk Assessment & Mitigation: Perform comprehensive risk assessments to identify vulnerabilities and develop mitigation strategies for security threats.

International Activity Review:

• Review requests for international visiting scholars international travel international agreements and the shipment of controlled items to ensure compliance with export control regulations and address foreign influence risks according to policy.
• Training and Awareness: Identify and deliver system-wide training programs for - faculty and staff on security procedures and compliance requirements.

Information Security:

• Implement policies and procedures for protecting sensitive research data including CUI and collaborating with IT on security for data environments.
• Technology Control Plans: Assist campuses institutes and researchers in developing and implementing Technology Control Plans (TCPs) to manage export-controlled information and technologies.
  

Coordination:

• Work with various university departments including Human Resources IT Legal Counsel and academic departments as well as external federal and state agencies.

Classified and CUI Programs:

• Coordinate with the campuses to ensure workspaces infrastructure protocols for conducing classified and controlled unclassified information (CUI) research meets all relevant regulations and requirements.

UT System and select campus/institute Export Control Officer -
In consultation with the AVPR and EDIC the RSECO will ensure UTs compliance with laws and regulations governing the export of goods technology and services preventing illicit diversion and ensuring national security for select campuses within the UT system:

Regulatory Compliance:

• Develop implement and maintain export control programs policies and procedures to ensure compliance with federal and international laws and regulations.
  

Export Classification:

• Determine the appropriate export classifications for products technologies and technical data.

Licensing & Authorization:

• Prepare and manage export license applications and other required documentation for government agencies.

Audits & Risk Assessment:

• Conduct regular internal and external compliance reviews and risk assessments of export activities to identify non-compliance and implement corrective actions.

Training & Guidance:

• Provide guidance and training to employees and researchers on export control requirements and best practices.
  

Restricted Party Screening:

• Perform screening of foreign partners and other parties against sanctioned lists to prevent unauthorized transactions.
  

Regulatory Monitoring:

• Stay up-to-date with changes in export control laws and regulations and update internal procedures as necessary.
  

Liaison & Consultation:

• Serve as a point of contact for regulatory bodies government agencies and other stakeholders on export control matters
  
• 117 and related Reporting: Coordinate with campuses and other units in the development and review of reports required pertaining to foreign engagements and gifts.

Campus and Institute Support for Research Security and Compliance Matters -
The RSECO will provide individual campuses and/or institute support for those without sufficient resources and expertise to sufficiently and effectively staff these functions as they relate to research security and compliance. This person will serve as the Export Control Officer and other roles as needed. Other areas to be
fleshed out:

Risk Assessment and Mitigation:

• Conduct risk assessments to identify vulnerabilities and develop strategies to mitigate threats to institutional security and research integrity. Monitor developed mitigation strategies.
  

Regulatory Compliance:

• Ensure compliance with federal and state regulations guidelines and laws concerning research security export controls and foreign government talent recruitment programs.
  

Researcher Education and Training:

• Provide guidance outreach and training to faculty staff and researchers on best practices for research security including proper disclosure of foreign relationships and intellectual property.

Other duties as assigned.

Required Qualifications

Bachelors degree in Cybersecurity information technology computer science engineering or related fields and 5 years of relevant progressively responsible experience or an equivalent combination of education training and experience. Experience managing significant projects.

Additional knowledge skills and abilities:

• Strong understanding of research security and export control principles and regulations.
• Familiarity with relevant federal regulations including the CHIPS and Science Act and NSPM-33.
• Familiarity with NISPOM requirements.
• Excellent analytical communication and interpersonal skills to work effectively with diverse stakeholders.
• Ability to assess and mitigate risks related to foreign influence and national security.
  

Preferred Qualifications
Advanced degree (masters or higher) and/or advanced certification in relevant field. Experience in higher
education nonprofit leadership or public-sector community engagement. Background in teaching or facilitating learning experiences related to social innovation community engagement or strategic communications. Supervisory experience.

Preferred certifications:

• CISSP
• CISM
• certified fraud examiner
• CMMS assessor or similar credential.
  

Preferred knowledge skills and abilities:

• Proficiency with security assessment tools DevSecOps pipelines and other security management technologies is a plus.
• Current security clearance
• ECoP certification
• Insider threat program experience
• Research experience
  

Application Process

For full consideration applications should be accompanied by a letter of interest a resume and three professional references.

Compensation and Benefits

Compensation for this position is budgeted for $140000 to $160000

The University offers a comprehensive benefits package that includes excellent healthcare and tuition benefits for employees and their families generous retirement benefits a wide variety of professional development opportunities supportive work and family benefits and much more. Additionally Tennessee residents do not pay a state income tax. For more information on the University of Tennessee benefits visit Experience:

Chief