Information Security Manager
Position Type: Permanent Staff
Department: ITS - Information Security - 602000
Appointment Type: EHRA Non-Faculty
Vacancy ID: NF0003410
Position Summary: The Information Security Manager assists the Chief Information Security Officer (CISO) in managing information risk assessment, vulnerability management, and Payment Card Industry (PCI) compliance functions. The Information Security Manager works with all University business units to implement the policies, procedures, processes, controls, and methods needed to mitigate risk to information assets and ensure that the University's mission-critical information resources are appropriately protected. Under the direction of the CISO, this position manages and administers the risk assessment, vulnerability management, and PCI compliance areas of the Information Security Office (ISO) as well as relevant projects, personnel, programs and activities: - Manage day-to-day operational activities of information security specialists in keeping with published policies, procedures and initiatives - Support the ISO's budget and other planning efforts - Represent the Information Security Office in meetings concerning risk and vulnerability management, as well as PCI compliance. - Assist the CISO and team with the development of internal process, procedure and workflow enhancements for the Information Security Office operations, especially as it pertains to risk assessments, vulnerability management, and PCI compliance. - Draft new policy and modifications as needed - Monitor help desk tickets assigned to the team. Ensure Service Level Agreement (SLA) levels are being met, customers problems are being solved, tickets are being coded properly and tickets are being resolved as soon as feasible - Support ticket escalations - Complete employee work plans, competency assessments, and performance reviews in a timely manner - Support the development of staff to fulfill the goals and objectives of the unit
Application Deadline: 11/20/2018
Education Requirements: - Bachelor's degree in Computer Science, Computer Information Systems, Computer Engineering, Math, Engineering or other related technical degree from an appropriately accredited institution and four years progressive experience in the field of information technology; or - Bachelor's degree from an appropriately accredited institution and five years progressive experience in the field of information technology; or an equivalent combination of education and experience. - Bachelor's Degree preferred
Qualification and Experience: Required: - Experience in information technology and Information Security. - Experience managing information technology professionals Preferred: - 5+ years' experience in information technology. - 3+ years in Information Security. - 3+ years managing information technology professionals in a university environment. - Experience with the State of North Carolina's procurement and human resources processes and procedures. - Experience leading large, enterprise-level projects and information technology implementations. - Graduate degree/s in a related area. - Information security training and/or certifications a plus, especially CISSP, CRISC, or CISM certifications.
Equal Opportunity Employer: The University of North Carolina at Chapel Hill is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or status as a protected veteran.
Department Contact Name and Title:
Department Contact Telephone Number or Email:
Special Instructions for Applicants: