Job Description

Primary Purpose of Department
The Office of OneIT provides highly reliable information technology infrastructure, tools and services to empower the University to achieve its academic, research, administrative and service goals.
Primary Purpose of Position
The Information Security Compliance Manager directs faculty and staff in making security decisions for themselves and the organization that aligns with enterprise security performance objectives and expectations and which directly supports the University’s academic and research missions.

The Information Security Compliance Manager facilitates and monitors compliance with policies, guidelines, standards and procedures that are in place to assure the protection of University information and information assets. This is done through campus education, compliance monitoring and reporting, awareness campaigns and assistance with incident response.
Summary of Position Responsibilities
The Information Security Compliance Manager must be able to direct and administer IS Compliance at UNC Charlotte campus-wide; serve as the University’s PCI-DSS Compliance Officer, working with the Bursar’s Office and OneIT Enterprise Infrastructure to ensure a secure PCI environment; conduct audits for compliance routinely and as appropriate; work closely with OneIT leadership and Legal Affairs for campus-wide policy proposals, management and compliance decisions; provide substantive professional advice on PCI-DSS and IS compliance issues and use independent judgment and discretion to make decisions that impact business needs and client productivity campus-wide; communicate articulately/effectively with a variety of staff at all levels of the University community; must be able to apply critical thinking and sound judgment to independently recognize and resolve IS compliance issues at UNC Charlotte; ability to be self-initiating in approaching work duties to independently review, evaluate and recognize matters of significance and implement actions accordingly to mitigate; must be familiar with a wide range of IT services provided at UNC Charlotte and able to anticipate potential IS compliance issues associated with each.

Educate the university community on information security and privacy responsibilities.
Lead university-wide IT security risk assessments.
Serve as the university compliance officer with respect to PCI-DSS policies and regulations.
Coordinate and manage the development of standards and guidelines to support information security compliance.
Work with the CISO on high severity security incidents and those involving compliance issues.
Create and maintain the university’s information security training and awareness campaigns.
Assist the CISO with internal and state audits.
Minimum Education/Experience
Bachelor’s degree and;
3-5 years of relevant work experience; or the
Equivalent combination of education and work experience.
Preferred Education, Knowledge, Skills and Experience
Hands on information security related experience
Experience working within a Higher Education environment
Experience working within an enterprise security compliance program
Knowledge of PCI-DSS, FERPA, HIPAA, ISO27002, CMMC and NIST standards
Necessary Certifications/Licenses
Preferred Certifications/Licenses
CISA, CISSP, CISM
Special Notes to Applicants
UNC Charlotte Benefits Information: https://hr.charlotte.edu/benefits
The finalist will be subject to a Criminal Background Check.
The Search Committee will not contact references without first verifying permission with the finalist.
Please ensure your resume reflects the knowledge, skills, abilities, and experiences to support your answers to the supplemental questions.