Sr. Cybersecurity Analyst For Research

A global higher education leader in innovative teaching, research and public service, the University of North Carolina at Chapel Hill consistently ranks as one of the nation's top public universities. Known for its beautiful campus, world-class medical care, commitment to the arts and top athletic programs, Carolina is an ideal place to teach, work and learn.

One of the best college towns and best places to live in the United States, Chapel Hill has diverse social, cultural, recreation and professional opportunities that span the campus and community.

University employees can choose from a wide range of professional training opportunities for career growth, skill development and lifelong learning and enjoy exclusive perks for numerous retail, restaurant and performing arts discounts, savings on local child care centers and special rates on select campus events. UNC-Chapel Hill offers full-time employees a comprehensive benefits package, paid leave, and a variety of health, life and retirement plans and additional programs that support a healthy work/life balance.

Primary Purpose of Organizational Unit

The Information Security & Identity Management division manages the University's Information Security Office and Identity Management. The Security Office is responsible for coordinating and ensuring that information security across the University is consistent with industry best practices and the University's compliance obligations. Identity Management (IdM) identifies individuals within an enterprise or group and defines and controls the access they have to information and resources within a computer network based on their roles and circumstances.

Position Summary

This position may be eligible for a hybrid work arrangement that may include a partially remote work location, consistent with System Office policy. UNC Chapel Hill employees are generally required to reside within a reasonable commuting distance of their assigned duty station.

The ITS - Information Security Office is broadly responsible for the security for the University of North Carolina at Chapel Hill (UNC-CH) network and attached computing devices. The Information Security Office (ISO) provides guidance and resources to prevent and respond to computer security incidents, to comply with various Federal and State privacy and security laws and regulations and to comply with contracts that include information security requirements. The ISO unit also leads information security initiatives to protect the University's information, including intellectual property, as well as clinical, research and personal information.

The Sr. Cybersecurity Analyst for Research position is part of the Risk Team in the Information Security Office.

Core duties include:

Assume responsibilities for setting strategy for the Security Office's Security Research Compliance program and collaborating with key campus stakeholders to streamline the security and compliance obligations on research at UNC.

Map the pipeline of sponsored research from proposal to close-out.

Fill out and maintain copies of required research documentation such as Medicare & Medicaid Services (CMS) with organizational controls filled out.

Collaborate with campus IT service providers to help them understand the availability of resources available to them to assist with supporting their researchers.

Lead collaborative efforts with key university stakeholders to strategically define the research environments available to researchers.

Create and maintain an inventory of these research environments and the capabilities of each.

Act as a subject matter expert in cybersecurity best practices for research in a higher education setting.

Lead collaborative efforts with Council and Procurement to draft/maintain contractual language to adequately reduce risk and liability to the university.

Review research contract language to provide guidance on the ability to meet cybersecurity controls and adhere to frameworks such as NIST 800-53, NIST 800-171, etc.

Participate in the university IRB process.

This position calls for a high level of integrity, good judgement, knowledge concerning issues of privacy and confidentiality, excellent oral and written communication skills, ability to work as an independent, productive, responsible, self-motivated member of a team in high pressure situations, at times, while maintaining a calm, customer-friendly perspective.

Minimum Education and Experience Requirements

Master's and 1-2 years' experience; or Bachelors and 2-4 years' experience; or will accept a combination of related education and experience in substitution.

Required Qualifications, Competencies, and Experience

Essentials Skills, Knowledge, and Abilities:

Strong understanding of information technology tools and concepts

Strong understanding of information security best practices, cybersecurity, and related concepts

Strong understanding of security frameworks and regulatory requirements that impact research in a higher education setting such as NIST 800-53, NIST 800-171, CMMC, HIPAA, etc.

Experience in a highly decentralized environment

Excellent written and verbal skills

Excellent interpersonal skills

Preferred Qualifications, Competencies, and Experience

Experience in conducting risk assessments.

Project management experience

Special Physical/Mental Requirements Campus Security Authority Responsibilities

Not Applicable.

Special Instructions Quick Link https://unc.peopleadmin.com/postings/278942