Sr. Cybersecurity Analyst for Research University of North Carolina at Chapel Hill
Application Deadline 09/29/2023
Position Number 20059147
Hiring Range $99,000 - $110,000
Department Description: The Information Security & Identity Management division manages the University’s Information Security Office and Identity Management. The Security Office is responsible for coordinating and ensuring that information security across the University is consistent with industry best practices and the University’s compliance obligations. Identity Management (IdM) identifies individuals within an enterprise or group and defines and controls the access they have to information and resources within a computer network based on their roles and circumstances.
Equal Opportunity Employer: The University of North Carolina at Chapel Hill is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or status as a protected veteran.
Position description: This position may be eligible for a hybrid work arrangement that may include a partially remote work location, consistent with System Office policy. UNC Chapel Hill employees are generally required to reside within a reasonable commuting distance of their assigned duty station.
The ITS – Information Security Office is broadly responsible for the security for the University of North Carolina at Chapel Hill (UNC-CH) network and attached computing devices. The Information Security Office (ISO) provides guidance and resources to prevent and respond to computer security incidents, to comply with various Federal and State privacy and security laws and regulations and to comply with contracts that include information security requirements. The ISO unit also leads information security initiatives to protect the University’s information, including intellectual property, as well as clinical, research and personal information.
The Sr. Cybersecurity Analyst for Research position is part of the Risk Team in the Information Security Office. Core duties include: Assume responsibilities for setting strategy for the Security Office’s Security Research Compliance program and collaborating with key campus stakeholders to streamline the security and compliance obligations on research at UNC. Map the pipeline of sponsored research from proposal to close-out. Fill out and maintain copies of required research documentation such as Medicare & Medicaid Services (CMS) with organizational controls filled out. Collaborate with campus IT service providers to help them understand the availability of resources available to them to assist with supporting their researchers. Lead collaborative efforts with key university stakeholders to strategically define the research environments available to researchers. Create and maintain an inventory of these research environments and the capabilities of each. Act as a subject matter expert in cybersecurity best practices for research in a higher education setting. Lead collaborative efforts with Council and Procurement to draft/maintain contractual language to adequately reduce risk and liability to the university. Review research contract language to provide guidance on the ability to meet cybersecurity controls and adhere to frameworks such as NIST 800-53, NIST 800-171, etc. Participate in the university IRB process. This position calls for a high level of integrity, good judgement, knowledge concerning issues of privacy and confidentiality, excellent oral and written communication skills, ability to work as an independent, productive, responsible, self-motivated member of a team in high pressure situations, at times, while maintaining a calm, customer-friendly perspective.
Essential Skills, Knowledge and Abilities: Essentials Skills, Knowledge, and Abilities Strong understanding of information technology tools and concepts Strong understanding of information security best practices, cybersecurity, and related concepts Strong understanding of security frameworks and regulatory requirements that impact research in a higher education setting such as NIST 800-53, NIST 800-171, CMMC, HIPAA, etc. Experience in a highly decentralized environment Excellent written and verbal skills Excellent interpersonal skills
Education Requirements: Master’s and 1-2 years’ experience; or Bachelors and 2-4 years’ experience; or will accept a combination of related education and experience in substitution. Qualifications and Experience:
Experience in conducting risk assessments. Project management experience
Office of Human Resources Contact Information: If you experience any problems accessing the system or have questions about the application process, please contact the Office of Human Resources at (919) 843-2300 or send an email to employment@unc.edu Please note: The Office of Human Resources will not be able to provide specific updates regarding position or application status.
