Principal Research Infrastructure Engineer (Security & Compliance) - IT Services - 106467 - Grade 9

Position Details

It Services

Location: University of Birmingham, Edgbaston, Birmingham UK

Full time starting salary is normally in the range £58,225 to £67,468 with potential progression once in post to £87,974

Grade: 9

Full Time, Permanent

Closing date: 28th October 2025

UK travel may be required for this role

Our offer to you

People are at the heart of what we are and do.

The University of Birmingham is proud to have been a part of the City of Birmingham and the wider region for over 100 years, and we are equally proud to be recognised as a leading global university. We want to attract talented people from across the city and beyond, support them to succeed, and celebrate their success.

We are committed to helping the people who work here to develop through our sector-leading Birmingham Professional programme which provides all professional services staff with development opportunities and the encouragement to reach their full potential. With almost 5,000 professional services jobs in a wide-range of functions in Edgbaston and in our campus in Dubai, there are plenty of opportunities for you to be able to develop your career at the University.

We believe there is no such thing as a typical member of staff and that diversity is a source of strength that underpins the exchange of ideas, innovation, and debate. We warmly welcome people from all backgrounds and are committed to fostering an inclusive environment where diversity is at the heart of who and what we are, and how we work.

Supporting our people to achieve a healthy work/life balance is important both to our employees and to the success of the University and, depending on the role, we offer a variety of flexible working arrangements. We therefore welcome discussions on all forms of flexible working. In addition, you will receive a generous package of benefits including 40 days paid holiday a year, one paid day a year for volunteering, occupational sick pay, and a pension scheme. We also have three high quality subsidised day nurseries.

The University is situated in leafy Edgbaston and there are excellent transport links to our beautiful campus, including main bus routes and a train station on site. On campus we have a state-of-the-art sports centre with pool, shops, places to eat and drink, our own art gallery, museum and botanical gardens.

Find out more about the benefits of working for the University of Birmingham

Background

IT services at the University of Birmingham use complex, large-scale architectures based on Unix, Linux, Windows and cloud technologies, coupled with advanced storage solutions. These need to be configured and maintained to the highest possible standards of reliability, performance and quality. Business continuity and high service levels are demanded equally for mission-critical research services as well as for those relied on for teaching, learning and administration.

ARC builds and runs (or buys-in) a range of specialist services for researchers, collectively known as BEAR (Birmingham Environment for Academic Research). Aimed at all disciplines, BEAR covers an increasingly broad spectrum of needs, ranging from the traditional HPC/HTC through storage and archiving solutions to collaboration and analytics tools and ‘on premises’ cloud and ‘on-demand’ offerings. ARC also supports the exploitation of specialist regional and national services, including the Birmingham-based Baskerville supercomputer and the Warwick based Tier 2, Sulis. Together with the national supercomputer Archer (Tier 1) and Birmingham’s own BEAR infrastructure, they form a powerful resource for research. 

Role Summary

ARC’s Principal Research Infrastructure Engineer (PRIE S&C) plays a key role in shaping, advising and supporting ARC’s delivery of the specialist infrastructure and services that enable the University’s researchers to carry our world class research. They will employ an intelligent, risk-based methodology that takes a comprehensive but adaptable approach to security, appropriate to the breadth and diversity of our computational research.

The PRIE (S&C) will build relationships and collaborate with researchers across the University and with our external partners and funders to understand requirements. They will apply their professional expertise and knowledge of security to advise the University at a strategic level and develop the necessary ARC security policies, standards, and procedures to satisfy the needs of the institution and the demands of those funders.

This role is based on the University of Birmingham’s wonderful campus.  We welcome candidates looking for flexible working patterns though note that there is an expectation that candidates will spend substantial time on campus each week. 

Main Duties

• Strategic Planning and Governance: Taking a lead role in supporting the ARC leadership team (and CIO and Head of IT Security) to build and maintain the University's information security strategy, policies, and procedures to enable as well as protect research activity and external partnerships using the specialist compute services provided by ARC. This role is key to the operational implementation and compliance of the architecture which underpins most of the University’s computational research.
• Risk Management: Identifying, assessing, and managing security risks related to use of the services delivered by ARC both local and national. In partnership with the ARC Architect and AIS Group Leader, designing and implementing measures to mitigate risks and ensure compliance with relevant regulations, acting as an escalation point for the Information Security Team where a high priority threat or incident is identified. 
• Monitoring to identify emerging or evolving security risks, based on changes to the external environment and advising on the long-term operational direction to ensure the University and ARC are prepared for future security threats. 
• Architecture: Contributing to the design and implementation of appropriately secure systems and architectures, considering emerging threats and technological advancements. This role will forge links with peers at research led institutions internationally and relevant security advisory groups to provide a high level of intelligence and awareness of new security solutions and their suitability and benefit to the operation. 
• Incident Response: Coordinating and supporting ARC’s incident response efforts, working closely with IT and other departments to minimize the impact of security incidents. 
• Training and Awareness: Developing and delivering tailored security training for University researchers where appropriate, based on risks.
• Collaboration: Working directly with academic and professional services functions to facilitate risk assessment and risk management processes, including importantly during the preparation of funding bids. Inside IT Services, advising senior colleagues on any security risks (and solutions) at the intersection between areas of responsibility. 
• Standards and Compliance: Leading the process to achieve and maintain suitable Standards, including ISO 27001, that provide assurance and demonstrate the suitability of ARC’s services to researchers and their funders, streamlining activity to ensure a responsive and reliable service, noting the frequent need to meet tight deadlines and ill-defined requirements.
• Vendor Management: Evaluating and managing security aspects of third-party vendors and service providers to ARC, ensuring the protection of research assets. 
• Communication: Representing the University externally as an authoritative voice in the area of cyber security and governance related to centralised, high performance research computing activity. 
• Actively manages equality, diversity and inclusion through monitoring and evaluation and actively challenging unacceptable behaviour. 
• Supports the University’s sustainability agenda through resource efficient working. 
• Any other duties commensurate with the grade.

Required Knowledge, Skills, Qualifications, Experience

• Educated to degree level (or equivalent qualifications) in a subject with a strong Computer Science/complex technology base, plus higher degree where appropriate.
• Authoritative and advanced technical expertise in a relevant technical, professional or functional specialism.
• Substantial experience in a complex computing environment including with responsibility for the security aspects of the operation. Ideally that experience would include some involvement with academic research or even HPC.
• Formal training or extensive experience in information security standards and best practice. This will include implementing and/or maintaining formal best practice information security compliance or certification (e.g. ISO 27001/2, NIST CSF, Cyber Essentials).
• Experience in having dealt successfully with information security incidents and a track record of influencing information security policy in a large institution or complex operation.
• Experience of training and/or influencing colleagues and service users to develop a security aware culture.
• Enthusiasm for as well as broad and up to date knowledge of relevant information security technologies including encryption, vulnerability and penetration testing, compliance checking, anti-virus, firewall, other perimeter security and intrusion detection technologies as well as risk management systems, asset management and security event and incident management and monitoring. 
• Demonstrated ability and experience in establishing, tracking, measuring, and weighing information security risk, ideally in an academic research environment.
• Demonstrated ability to build relationships at different levels of the organisation including the capability of working with and earning the respect of senior customer stakeholders. 
• Able to articulate and agree a clear vision for information security strategy and the key differences between the needs of enterprise IT and research computing.
• Excellent presentation skills and the ability to communicate at all levels. 
• Knowledge of relevant national and international information security and digital data standards, legislation and guidance relevant to the academic and research sectors including: The Freedom of Information Act, The Data Protection Acts, The General Data Protection Regulation, The Regulation of Investigatory Powers Act, The Human Rights Act, The Privacy and Electronic Communications (EU Directive) Regulations and including recent UK and EU legislation such as the Data Retention and Investigatory Powers Act 2014 and the Counter-Terrorism and Security Act 2015. 
• Demonstrable high level strategic thinking and planning skills. 
• Experience with NHS information security policies, standards and regulations including NHS IG toolkit would be an advantage.
• Experience of working with and established relationships with security agencies such as the National Crime Agency (NCA), National Cyber Security Centre (NCSC), MI5 and GCHQ would be an advantage.
• Professionally active within the research computing or cyber security sector. 
• Demonstrable professional development through a series of progressively more demanding and influential work roles. 
• Ability to exercise a substantial degree of independent professional responsibility and discretion, and apply an expert understanding of their specialist to the needs of the University.
• Evidence of literacy and numeracy.
• Experience of championing Equality, Diversity and Inclusion in own work area. 
• Ability to monitor and evaluate the extent to which equality and diversity legislation, policies, procedures are applied. 
• Ability to identify issues with the potential to impact on protected groups and take appropriate action.

Dbs Required

The University is committed to safeguarding and we promote safe recruitment practice, therefore all associated pre-employment checks will be undertaken before any appointment is confirmed. Due to the nature of the work undertaken in this role all successful applicants will be subject to a satisfactory DBS clearance prior to appointment.

Bpss Required

Due to the nature of the work undertaken in this role, all successful applicants will be subject to a BPSS check prior to appointment.

• Further particulars can be found here
• Informal enquiries to Jon Wakelin, email: j.wakelin@bham.ac.uk 
• View our staff values and behaviours here 

We believe there is no such thing as a 'typical' member of University of Birmingham staff and that diversity in its many forms is a strength that underpins the exchange of ideas, innovation and debate at the heart of University life. We are committed to proactively addressing the barriers experienced by some groups in our community and are proud to hold Athena SWAN, Race Equality Charter and Disability Confident accreditations. We have an Equality Diversity and Inclusion Centre that focuses on continuously improving the University as a fair and inclusive place to work where everyone has the opportunity to succeed. We are also committed to sustainability, which is a key part of our strategy. You can find out more about our work to create a fairer university for everyone on our website.