Risk and Compliance Manager Position Available In Orange, North Carolina

Risk and Compliance Manager University of North Carolina at Chapel Hill•4.0 Chapel Hill, NC Job Details Full-time $130,000•$138,835 a year 21 hours ago Benefits Health insurance Retirement plan Qualifications

CMMC PCI CISSP

Mid-level Information security Master’s degree Supervising experience Bachelor’s degree NIST standards IT Leadership 2 years University Full Job Description Posting Information Department ITS•Information Security-602000 Career Area Information Technology Posting Open Date 04/24/2025 Application Deadline 05/15/2025 Open Until Filled No Position Type Permanent Staff (EHRA NF) Working Title Risk and Compliance Manager Appointment Type EHRA Non-Faculty Position Number 00055901 Vacancy

ID NF0009088

Full Time/Part Time Full-Time Permanent FTE 1 Hours per week 40 Position Location North Carolina, US Hiring Range $130,000•$138,835 Proposed Start Date 06/02/2025 Position Information Be a Tar Heel! A global higher education leader in innovative teaching, research and public service, the University of North Carolina at Chapel Hill consistently ranks as one of the nation’s top public universities . Known for its beautiful campus, world-class medical care, commitment to the arts and top athletic programs, Carolina is an ideal place to teach, work and learn. One of the best college towns and best places to live in the United States, Chapel Hill has diverse social, cultural, recreation and professional opportunities that span the campus and community. University employees can choose from a wide range of professional training opportunities for career growth, skill development and lifelong learning and enjoy exclusive perks for numerous retail, restaurant and performing arts discounts, savings on local child care centers and special rates on select campus events. UNC-Chapel Hill offers full-time employees a comprehensive benefits package , paid leave, and a variety of health, life and retirement plans and additional programs that support a healthy work/life balance. Primary Purpose of Organizational Unit The Information Security & Identity Management division manages the University’s Information Security Office and Identity Management. The Security Office is responsible for coordinating and ensuring that information security across the University is consistent with industry best practices and the University’s compliance obligations. Identity Management (IdM) identifies individuals within an enterprise or group and defines and controls the access they have to information and resources within a computer network based on their roles and circumstances. Position Summary This position is a 100% remote work arrangement, consistent with System Office policy. UNC Chapel Hill employees are generally required to reside in North Carolina, within a reasonable commuting distance of their assigned duty station. Information security at UNC Chapel Hill is building a program capable of meeting the institution’s security challenges of tomorrow. We seek a Manager of the Risk and Compliance team. Engaging with faculty and staff across all parts of the University, this team is responsible for assessing whether technology meets institutional and external security requirements, evaluating options when the default controls cannot be implemented, maintaining several critical cybersecurity compliance programs, and providing security consultations for departments and major initiatives. Working under minimal supervision, the Manager is responsible for delivering scalable, effective solutions to meet security program goals. The Manager represents the Information Security Office within the University when discussing risk and compliance topics. The Manager coordinates work necessary to deliver our HIPAA, PCI, and Research Security (e.g., NIST 800-171, NIST 800-53, CMMC, others) compliance program outcomes. The Manager collaborates with other Information Security Office teams, such as Detection and Response, in order to update Risk methods and recommend changes to University policy. The Manager provides support and guidance for the professional development of the Risk and Compliance security analysts. The Manager also participates in security program planning, prioritization, and preparation of periodic updates to our Board of Trustees. Minimum Education and Experience Requirements Masters’ and 2-4 years’ experience; or Bachelors and 3-5 years’ experience; or will accept a combination of related education and experience in substitution. Required Qualifications, Competencies, and Experience Experience in information technology and Information Security. Experience managing information technology professionals. Supervisory experience is required. Preferred Qualifications, Competencies, and Experience Experience leading large, enterprise-level projects and information technology implementations. Experience managing information technology professionals in a university environment. Information security training and/or certifications, e.g., CISSP. Special Physical/Mental Requirements Campus Security Authority Responsibilities Not Applicable.