Research Information Security & Compliance Manager
Please see Special Instructions for more details.
- The finalist will be subject to a Criminal Background Check and/or a Motor Vehicle Report
- The Search Committee will not contact references without first verifying permission with the finalist.
- Please ensure your resume reflects the knowledge, skills, abilities, and experiences to support your answers to the supplemental questions.
- Do not write 'see resume' on your application when completing the job duties section.
- UNC Charlotte Benefits Information: https://hr.charlotte.edu/benefits/benefits-overview/
Position Information
General Information
| Position Number |
004509 |
| Vacancy Open to |
All Candidates |
| Working Title |
Research Information Security & Compliance Manager |
| Position Designation |
EHRA Non-Faculty |
| Employment Type |
Permanent - Full-time |
| Months per Year |
12 |
| Work Schedule |
8:00 am - 5:00 pm; Monday - Friday with occasional evening and weekend hours required, as necessary.
|
| Hours per week |
40 |
| FLSA Status |
Exempt |
| Division |
Research |
| Department |
Div of Research (Adm) |
| Work Location |
Cameron Hall |
| Salary Range |
$93,242 - $124,750 |
| Primary Purpose of Department |
The Office of Research Protections and Integrity (
ORPI) is part of the Division of Research. It provides oversight, education, and support for integrity, security, and compliance issues related to research and certain University operations at
UNC Charlotte. The office ensures compliance with federal, state, and local applicable policies and laws on human subjects research, animal subjects research, biosafety, conflict of interest and commitment, research misconduct, responsible conduct of research, export control, and research security. In addition, the office provides technical support for research security compliance. |
| Primary Purpose of Position |
The Research Information Security & Compliance Manager provides technical program support and daily monitoring of the University's secure environment in accordance with standards such as
NIST 800-171,
CMMC,
HIPAA, etc. Responsibilities include security reviews, risk assessments, risk management, policy standards and guidelines, security awareness and training, audit coordination, and project management.
Specifically, this position reviews, coordinates, and monitors information technology security controls that protect confidentiality, integrity, and availability of the organization's controlled secure research data in accordance with legal, regulatory, and institutional requirements. The position is responsible for ensuring that users with access to the secured data environment receive appropriate training. The position consults with faculty, college/unit IT staff, applicable OneIT staff, the Office of Sponsored Research Administration (
SRA) , the Office of Research Commercialization and Partnerships (
ORCP), and other subject matter experts to ensure that technology solutions and compliance standards align with contract requirements. Moreover, the position will ensure appropriate auditing and documentation, providing guidance and recommendations to the research community in areas of data security, from award negotiation through project close-out. This position will work closely with
SRA and the research security team to monitor secured research environment setups, conduct follow-up reviews, and ensure that contract terms and conditions align with
UNC Charlotte's data security standards.
* Program Management and Policy Development
* Research Security
* Technical Support |
| Summary of Position Responsibilities |
Job Responsibilities
The Research Information Security & Compliance Manager reports to the Assistant Vice Chancellor for Research Protections and Integrity in the Division of Research. This position assures the university's compliance with federal law, state government statutes, university system standards, and
UNC Charlotte's internal policies, regulations, procedures, and contractual obligations in the area of information security and privacy. Appropriate frameworks, policies, regulations, guidelines, procedures, and assurance processes are developed for security, privacy, and protection of the university's information assets, including research data. The overall duties are as follows:
- Works closely with the OneIT Chief Information Security Officer to develop appropriate security strategies to align university security defenses with the evolving threat landscape and changing business requirements. This includes continuous development and improvement of the university's cybersecurity plan and road map.
- Conduct appropriate gap analyses and develop appropriate procedures, regulations, standards, and rules to ensure compliance. Including but not limited to: UNC Charlotte Data Sensitivity Framework, UNC System Security Framework/Baseline based on ISO 27001/2:2013, NIST Cybersecurity Framework and Special Publications series 800 (e.g., 800-53, 800-171), Cybersecurity Maturity Model Certification (CMMC) Framework, FISMA (Federal Information Security Management Act of 2002), HIPAA (Health Insurance Portability and Accountability Act of 1996), European GDPR (General Data Protection Regulation), and Applicable State and Federal Laws/Regulations).
- Works closely with the Information Security team to perform information security assessments, IT risk assessments, application security reviews, sensitive data security reviews, 3rd party vendor security assessments, information security audit coordination, and information security vendor contract reviews.
- Partners with university stakeholders to encourage the application of security controls throughout applications and the process development lifecycle.
- Establish, lead, serve on, or advise the University's committees that address information security, privacy, and compliance issues. Provide leadership on committees that are responsible for establishing and communicating the University-wide information security strategy, governance, policies, and standards.
- Initiate, facilitate, and promote activities to create information security awareness for the campus community.
- Provide leadership in the continued development and implementation of the Secure Research Environment (SeRE), both short-term and long-term, to ensure compliance with security requirements such as NIST 800-171 to protect and secure the university's sensitive research data (e.g., CUI, genomic controlled data, etc).
- Work closely with OneIT staff regarding the technical implementation of the frameworks, university policies/regulations/procedures/rules, programs, and processes.
- Works closely with the Research Security team, the Director of Research Security and COI, Export Control Officer, and Research Data Compliance Coordinator.
- Works closely with the Division of Research on defense-related initiatives and on research security IT support.
Other Responsibilities
Supervise and assist temporary staff or graduate assistants as needed. Performs other duties as assigned |
| Minimum Education/Experience |
Bachelor's degree with two years of related experience, or an equivalent combination of education/experience. |
| Preferred Education, Knowledge, Skills and Experience |
Education & Experience
- Bachelor's degree in CS, IT, Engineering, or a related technical field.
- 2+ years in information security, ideally within an academic research environment.
CISSP or GIAC certifications preferred; SANS or vendor-specific security certifications are a plus.
Technical Skills
- Proficiency with EDR, IDS/IPS, vulnerability scanners, anti-malware, forensics, and SIEM technology (e.g., Splunk).
- Practical experience with Cloud (AWS, Azure, GCP), on-premise, and hybrid environments.
- Expertise in advanced firewalls, encryption, and workstation security.
- Skilled in security risk assessments, penetration testing, and incident tracking/remediation.
Compliance & Governance
- Strong knowledge of NIST 800-171, NIST 800-53, and CMMC compliance.
- Familiarity with state government rules and regulations regarding data security.
Professional Competencies
- Proven ability to develop security solutions and provide technical advice to diverse stakeholders (faculty, IT, and administration).
- Experience implementing cross-functional security solutions in a team environment.
- Strong technical writing skills for procedural documentation and the ability to present complex info to non-technical audiences.
- Advanced troubleshooting abilities and a strict commitment to maintaining confidentiality.
|
| Necessary Certifications/Licenses |
|
| Preferred Certifications/Licenses |
Security certification such as
CISSP,
CISM,
CISA, or Security+. |
| Special Notes to Applicants |
- The finalist will be subject to a Criminal Background Check and/or a Motor Vehicle Report
The Search Committee will not contact references without first verifying permission with the finalist.
- Please ensure your resume reflects the knowledge, skills, abilities, and experiences to support your answers to the supplemental questions.
- Do not write 'see resume' on your application when completing the job duties section.
UNC Charlotte Benefits Information: https://hr.charlotte.edu/benefits/benefits-overview/
|
| Posting Open Date |
05/15/2026 |
| Posting Close Date |
|
| Open Until Filled |
Yes |
| Proposed Hire Date |
06/15/2026 |
| If time-limited please indicate appointment end date |
|
| Contact Information |
|
Posting Specific Questions
Required fields are indicated with an asterisk (*).
- *
How did you hear about this employment opportunity?
- UNC Charlotte Website
- HERC Job Board
- Inside Higher Education
- Mitratech Circa (formerly known as Local JobNetwork)
- Another Website
- Agency Referral
- Advertisement/Publication
- Personal Referral
- Other
Where did you learn about this posting?
(Open Ended Question)
- *
Do you have a Bachelors degree and two (2) years in the area of assignment or equivalent combination of education and experience?
- Bachelors degree and two (2) years in area of assignment
- Associates degree and four (4) years in area of assignment
- High School Diploma/GED and six (6) years in area of assignment
- None of the above
- *
Do you have experience with EDR, IDS/IPS, vulnerability scanners, anti-malware, forensics, and SIEM technology (e.g., Splunk)? Please explain:
(Open Ended Question)
- *
Do you have experience with Cloud (AWS, Azure, GCP), on-premise, and hybrid environments? Please explain:
(Open Ended Question)
- *
Do you have experience with security risk assessments, penetration testing, and incident tracking/remediation? Please explain:
(Open Ended Question)
- *
Do you have experience implementing cross-functional security solutions in a team environment? Please explain:
(Open Ended Question)
Required Documents
- Resume / Curriculum Vitae
- Cover Letter / Letter of Interest
- Contact Information for References
Optional Documents
|
University of North Carolina Charlotte
May 15, 2026