Posting Details

Position Information

Position Number014405Functional TitleInformation Security Risk & Compliance ManagerPosition TypeStaffPosition EclassEP - EHRA 12 mo leave earningUniversity Information

UNC Greensboro, located in the Piedmont Triad region of North Carolina, is a higher-research activity university as classified by the Carnegie Foundation. Founded in 1891 and one of the original three UNC system institutions, UNCG is one of the most diverse universities in the state with nearly 20,000 students and over 2,700 faculty and staff members representing more than 90 nationalities. With 17 Division I athletic teams, 85 undergraduate degrees in over 100 areas of study, as well as 74 master’s and 32 doctoral programs, UNCG is consistently recognized nationally among the top universities for academic excellence and value, with noted strengths in health and wellness, visual and performing arts, nursing, education, and more. For additional information, please visit uncg.edu and follow UNCG on Facebook, Twitter and Instagram.

Primary Purpose of the Organizational Unit

The Information Security Office is a subset within the Information Technology Services (ITS) division that is charged with providing active information security assessment, risk analysis, incident management, information security controls, education, and guidance for the protection of UNCG’s information assets and information technology environment. The overall objective is to protect and preserve the confidentiality, integrity and availability of information and information resources for teaching and learning, research, service, and the conduct of university business.

Position Summary

The Risk & Compliance Manager will create, manage, and administer the Information Security Risk Management policies, standards, processes, procedures, and tools that apply to all technologies, processes, and systems used by all University business and academic units. The Manager will assess risk across the institution in a regular manner and seek to identify and promote opportunities to reduce risk while helping the university stay in compliance with applicable policy and regulatory influences.

Minimum Qualifications

Mid to late career with Masters and 2 to 4 yrs experience; Bachelors and 3 to 5 yrs experience; or equivalent education and experience.

• Demonstrated experience with ITIL, COBIT, ISO/IEC and/or other common IT governance frameworks
• Excellent interpersonal and written communication skills
• CISA, CISM, CGEIT, CRISC, CISSP, or similar industry certification

Additional Required Certifications, Licensures, and CertificatesPreferred Qualifications

• 10+ years of experience in Information Technology positions
• 5+ years of focused experience in Risk Management and IT controls audits

Special Instructions to Applicants

Applicants have the option to provide the names, email addresses, and phone numbers of four (4) contacts to provide Letters of Recommendation, in the References section of the electronic application. These contacts will be solicited by the SpartanTalent system via email, and asked to provide a confidential Letter of Recommendation on behalf of the applicant. This will occur after the candidate is approved by the Affirmative Action/Equal Employment Opportunity team for interview.

Applicants are required to upload the following documents with their electronic application:

• Resume
• Cover Letter
• List of References

Applicants are required to upload a list of references of at least three (3) professional references that includes:

• Name
• Company Name
• Type of reference (Professional, Supervisor, Colleague, Academic or Personal). One (1) of those references will need to be a current or previous supervisor.
• Email Address
• Contact Phone Number

Applications are not successfully submitted until an online confirmation number has been received at the end of the application process.

Recruitment RangeSalary commensurate with experienceOrg #-DepartmentInformation Technology Services - 23101Job Open Date06/19/2019For Best Consideration Date06/28/2019Job Close DateOpen Until FilledYesFTE1.000Type of AppointmentPermanentIf time-limited, please specify end date for appointment.Number of Months per Year12FLSAExemptKey Responsibilities

Key Responsibilities

Percentage Of Time30Key Responsibility

Risk Assessment

Essential Tasks

Perform information security risk assessments, IT controls audits, and compliance assessments to identify weaknesses and risks that jeopardize the safety, security, or compliance posture of University systems and information resources.

Key Responsibilities

Percentage Of Time30Key Responsibility

Risk/Compliance Auditing and Documentation

Essential Tasks

Identify, catalog, analyze, and score risks according to a standard methodology using standardize tools. Administer compliance frameworks and associated tools necessary to generate compliance reports and audit artifacts.

Key Responsibilities

Percentage Of Time20Key Responsibility

Identify and promote opportunities to reduce risk while helping the university stay in compliance

Essential Tasks

Help system owners and stakeholders to reduce information security risks and achieve required compliance postures through systematic application of risk mitigation controls, compensation activities, and remediation efforts.

Key Responsibilities

Percentage Of Time10Key Responsibility

Risk and Compliance Reporting

Essential Tasks

Provide structured risk and compliance reporting to senior leadership at department, division, and institution-wide tiers. Maintain relationships with IRM and key stakeholders.

Key Responsibilities

Percentage Of Time10Key Responsibility

Maintain and improve policies, procedures, standards, and other documentation

Essential Tasks

Maintain and improve policies, procedures, standards, and other documentation related to risk management, IT controls, and compliance.

ADA Checklist

ADA Checklist

R for Rare (0-30%), O for Occasional (30-60%), F for Frequent (60-90%), C for Constant (90-100%).

Physical EffortHand Movement-Repetitive Motions - F, Reading - F, Writing - F, Hearing - F, Talking - F, Sitting - FWork EnvironmentInside - CApplicant DocumentsRequired Documents

1. Resume/CV
2. Cover Letter
3. List of References

Optional Documents

1. Reference Letter 1
2. Reference Letter 2

Supplemental Questions

Required fields are indicated with an asterisk (*).

1. * Please indicate how you learned of this vacant position for which you are applying:
   • CAA
   • NCAA Arts
   • ICFAD
   • SECCAC
   • Arts Council of the African Studies Association
   • Professional Job Board
   • InsideHigherEd
   • Social Media
   • Networking
   • UNCGjobsearch website
   • Other
2. If you selected "Other", please provide the name of the resource here.

   (Open Ended Question)

3. * Are you eligible to work in the United States without sponsorship?
   • Yes
   • No