This position supports the University of Tennessee Institute of Agriculture IT Security Program by protecting institutional data, IT assets, networks, and users in Knoxville and across the state. Reporting to the Chief Information Security Officer, the IT Security Analyst focuses on governance, risk, and compliance activities; PCI merchant compliance; incident response; vulnerability mitigation; and user security awareness training. The role requires strong written and verbal communication skills and the ability to analyze and resolve complex information security issues independently and collaboratively.

• Governance, Risk, and Compliance (25%) - Participate in UT’s Governance, Risk, and Compliance team activities; conduct vendor and internal risk assessments using system tools; and determine approval or denial of IT purchase requests based on risk and compliance requirements.

• Credit Card Merchant Compliance (30%) - Ensure compliance for approximately 110 UTIA credit card merchants and about 500 merchant staff by reviewing PCI DSS self-assessments, procedures, inventories, and annual training completion.

• IT Security Incident Response (25%) - Coordinate with UTIA, UTCVM, UTK, and UT System partners on security operations alerts and incident response; investigate security breaches; perform malware forensics; and monitor vulnerability remediation timelines.

• IT Security Awareness Training (20%) - Administer annual and new-hire security awareness training for approximately 2,800 employees, track non-completion, coordinate account actions, maintain tickets, and review phishing simulation results to determine additional training needs.

Required Qualifications

• Education: Bachelor’s Degree in Cybersecurity, Information Technology, Computer Science, or related field

• Experience: Minimum of three years of hands-on experience in IT governance, risk, compliance, or malware forensics

• Knowledge, Skills, Abilities:

  • Knowledge of compliance standards, such as PCI DSS, HIPAA, FERPA, GDPR, and risk frameworks, such as CIS, NIST SP 800-171, CUI, ISO 27001, FISMA, ITAR

  • Strong communication skills, particularly when relaying technical information to non-technical users

  • Strong troubleshooting and problem-solving abilities to identify threats and vulnerabilities, as well as determine the proper risk mitigation

  • Must be able to work independently as well as in teams.

• Applicants must be legally authorized to work in the United States on a full-time basis without need now or in the future for sponsorship for employment-based visa status.

Preferred Qualifications

• Experience:

  • Experience working in Higher Education or other large public sector organization

  • Professional certification(s) such as CISSP, SANS GSEC, CompTIA Security+

• Knowledge, Skills, Abilities:

  • Knowledge of Manage Engine’s Endpoint Central, Microsoft Intune, Microsoft Entra, Microsoft Azure, Microsoft Defender, Tenable, UpGuard, or FTK

Work Location

• Location: Knoxville, TN

• Hybrid – this position is eligible for up to two days per week remote work after six-month probationary period.

Compensation and Benefits UT market range:

• Anticipated hiring range: $73,000 – 85,000

• Find more information on the UT Market Range structure here

• Find more information on UT Benefits here

Application Instructions

To express interest, please submit an application with the noted below attachments.

• Resume

• Cover Letter

About The College/Department/Division

University of Tennessee Institute of Agriculture Information Technology Services supports teaching, research, extension, and administrative operations across Knoxville and locations throughout the state. The team works to provide secure, reliable, and responsive technology services that protect institutional data, support compliance obligations, and enable the Institute’s mission.