• Information Security Compliance Manager

    University of North Carolina at Charlotte (Charlotte, NC)


    Position Number: 003302

     

    Department: Office of OneIT (Adm)

     

    Employment Type: Permanent - Full-time

     

    Months Per Year: 12

    Essential Duties and Responsibilities:

    The Information Security Compliance Manager must be able to direct and administer IS Compliance at UNC Charlotte campus-wide; serve as the University’s PCI - DSS Compliance Officer, working with the Bursar’s Office and OneIT Enterprise Infrastructure to ensure a secure PCI environment; conduct audits for compliance routinely and as appropriate; work closely with OneIT leadership and Legal Affairs for campus-wide policy proposals, management and compliance decisions; provide substantive professional advice on PCI - DSS and IS compliance issues and use independent judgment and discretion to make decisions that impact business needs and client productivity campus-wide; communicate articulately/effectively with a variety of staff at all levels of the University community; must be able to apply critical thinking and sound judgment to independently recognize and resolve IS compliance issues at UNC Charlotte; ability to be self-initiating in approaching work duties to independently review, evaluate and recognize matters of significance and implement actions accordingly to mitigate; must be familiar with a wide range of IT services provided at UNC Charlotte and able to anticipate potential IS compliance issues associated with each.

     

    + Educate the university community on information security and privacy responsibilities.

    + Lead university-wide IT security risk assessments.

    + Serve as the university compliance officer with respect to PCI - DSS policies and regulations.

    + Coordinate and manage the development of standards and guidelines to support information security compliance.

    + Work with the CISO on high severity security incidents and those involving compliance issues.

    + Create and maintain the university’s information security training and awareness campaigns.

    + Assist the CISO with internal and state audits.

    Minimum Experience / Education:

    + Bachelor’s degree and;

    + 3-5 years of relevant work experience; or the

    + Equivalent combination of education and work experience.

    Preferred Education Skills and Experience:

    + Hands on information security related experience

    + Experience working within a Higher Education environment

    + Experience working within an enterprise security compliance program

    + Knowledge of PCI - DSS , FERPA , HIPAA , ISO27002, CMMC and NIST standards