Risk and Compliance Manager Position Available In [Unknown county], North Carolina

Risk and Compliance Manager Posting Information
Posting Information Department ITS – Information Security-602000
Career Area Information Technology
Posting Open Date 07/23/2025
Application Deadline 08/05/2025
Open Until Filled No
Position Type Permanent Staff (EHRA NF)
Working Title Risk and Compliance Manager
Appointment Type EHRA Non-Faculty
Position Number 00055901
Vacancy ID NF0009200
Full Time/Part Time Full-Time Permanent
FTE 1
Hours per week 40
Position Location North Carolina, US
Hiring Range $130,000 – $138,835
Proposed Start Date 09/08/2025
Position Information Be a Tar Heel! A global higher education leader in innovative teaching, research and public service, the University of North Carolina at Chapel Hill consistently ranks as one of the nation’s top public universities. Known for its beautiful campus, world-class medical care, commitment to the arts and top athletic programs, Carolina is an ideal place to teach, work and learn.
One of the best college towns and best places to live in the United States, Chapel Hill has diverse social, cultural, recreation and professional opportunities that span the campus and community.
University employees can choose from a wide range of professional training opportunities for career growth, skill development and lifelong learning and enjoy exclusive perks for numerous retail, restaurant and performing arts discounts, savings on local child care centers and special rates on select campus events. UNC-Chapel Hill offers full-time employees a comprehensive benefits package, paid leave, and a variety of health, life and retirement plans and additional programs that support a healthy work/life balance. Primary Purpose of Organizational Unit The Information Security & Identity Management division manages the University’s Information Security Office and Identity Management. The Security Office is responsible for coordinating and ensuring that information security across the University is consistent with industry best practices and the University’s compliance obligations. Identity Management (IdM) identifies individuals within an enterprise or group and defines and controls the access they have to information and resources within a computer network based on their roles and circumstances. Position Summary This position is a 100% remote work arrangement, consistent with System Office policy. UNC Chapel Hill employees are generally required to reside in North Carolina, within a reasonable commuting distance of their assigned duty station. Information security at UNC Chapel Hill is building a program capable of meeting the institution’s security challenges of tomorrow. We seek a Manager of the Risk and Compliance team. Engaging with faculty and staff across all parts of the University, this team is responsible for assessing whether technology meets institutional and external security requirements, evaluating options when the default controls cannot be implemented, maintaining several critical cybersecurity compliance programs, and providing security consultations for departments and major initiatives. Working under minimal supervision, the Manager is responsible for delivering scalable, effective solutions to meet security program goals. The Manager represents the Information Security Office within the University when discussing risk and compliance topics. The Manager coordinates work necessary to deliver our HIPAA, PCI, and Research Security (e.g., NIST 800-171, NIST 800-53, CMMC, others) compliance program outcomes. The Manager collaborates with other Information Security Office teams, such as Detection and Response, in order to update Risk methods and recommend changes to University policy. The Manager provides support and guidance for the professional development of the Risk and Compliance security analysts. The Manager also participates in security program planning, prioritization, and preparation of periodic updates to our Board of Trustees. Minimum Education and Experience Requirements Masters’ and 2-4 years’ experience; or Bachelors and 3-5 years’ experience; or will accept a combination of related education and experience in substitution. Required Qualifications, Competencies, and Experience Experience in information technology and Information Security.
Experience managing information technology professionals.
Supervisory experience is required. Preferred Qualifications, Competencies, and Experience Experience managing information technology professionals in a university environment.
Experience leading large, enterprise-level projects and information technology implementations.
Graduate degree/s in a related area.
Information security training and/or certifications, e.g., CISSP. Special Physical/Mental Requirements Campus Security Authority Responsibilities Not Applicable. Special Instructions None of the above