Information Security Professional at InsideHigherEd

Position Number:012583Functional Title:Information Security ProfessionalPosition Type:StaffPosition Eclass:EP - EHRA 12 mo leave earningUniversity Information:Located in North Carolina’s third largest city, UNC Greensboro is among the most diverse, learner-centered public research universities in the state, with 18,000 students in eight colleges and schools pursuing more than 150 areas of undergraduate and over 200 areas of graduate study. UNCG continues to be recognized nationally for academic excellence, access, and affordability. UNCG is ranked No. 1 most affordable institution in North Carolina for net cost by the N.Y. Times and No. 1 in North Carolina for social mobility by The Wall Street Journal — helping first-generation and lower-income students find paths to prosperity. Designated an Innovation and Economic Prosperity University by the Association of Public and Land-grant Universities, UNCG is a community-engaged research institution with a portfolio of more than $67M in research and creative activity. The University’s 2,600 staff help create an annual economic impact for the Piedmont Triad region in excess of $1B.Primary Purpose of the Organizational Unit:The Information Security Office is a subset within the Division of Information Technology Services (ITS). The Information Security Office is charged with providing active information security & riskmanagement services, incident management, information security controls, education, and guidance for the protection of UNCG’s information assets and information technology environment. The overall objective is to provide confidentiality, integrity and availability services for teaching and learning, research, service, and the conduct of university business and also supporting university’s compliance with regulatory requirements.Position Summary:We are seeking a highly skilled Security Architect with 5 to 7+ years of experience and expertise in cloud security, vulnerability management, BC/DR and AI governance. The ideal candidate will drive innovation while ensuring operational resilience, compliance, and effective risk mitigation across on-prem and hybrid cloud environments.This Information Security Professional position contributes to the division’s role of ensuring university compliance with federal and state laws and regulation, serving as the advisory and support resource for HIPAA Security Rule, FERPA and DMCA compliance, records management, and compliance with restricted data laws and policies – such as PII, ePHI, and educational information.Minimum Qualifications:A Bachelor’s or Master’s degree in a technical field with at least 5 to 7 years of relevant experience, or equivalent combination of education/experienceCertifications such as CISSP, CRISC, CCSP, Microsoft Certified: Security, Compliance, and Identity Fundamentals, or equivalent.Azure/AWS/AI CertificationsProven experience in security architecture and AI governance.Expertise in Microsoft security tools (Azure Security, Defender Suite, Purview, Sentinel).Proficient in scripting languages for automation (PowerShell, Python, Bash).Familiarity with compliance frameworks like NIST, ISO 27001/2, HIPAA, and AI governance standards.Strong analytical, communication, and collaboration skills.Preferred Qualifications:Recruitment Range:Salary commensurate with experienceOrg #-Department:Info Technology Services - 23101Job Open Date:08/26/2025Open Until Filled:YesFTE:1.000Type of Appointment:PermanentNumber of Months per Year:12FLSA:ExemptPercentage Of Time:30%Key Responsibility:Security ArchitectEssential Tasks:Conduct security architecture reviews, risk assessments, threat modeling, and cloud configuration audits (Azure & AWS).Collaborate with AI/ML teams to identify and mitigate risks related to AI, including data privacy, model security, and adversarial threats.Develop and implement robust security frameworks, focusing on IAM & Data Security, Cloud & Network Security.Percentage Of Time:20%Key Responsibility:Cloud and AI SecurityEssential Tasks:Monitor and optimize security posture using Microsoft Azure tools (Defender for Cloud, Sentinel, Azure AD) and the Microsoft Defender Suite (Endpoint, Identity, Office 365, Cloud Apps).Secure AI/ML models and data pipelines while addressing governance risks.Percentage Of Time:20%Key Responsibility:Data Protection and GovernanceEssential Tasks:Design and implement advanced DLP policies via Microsoft Purview.Ensure compliance with NIST and ISO frameworks, CIS controls, HIPAA, AI governance standards (ISO 42001/23894) and data protection regulations.Percentage Of Time:10%Key Responsibility:Incident Response & Threat DetectionEssential Tasks:Experienced in incident response using SIEM/SOAR platforms with automation where applicable.Perform vulnerability assessments across hybrid environments and ensure timely remediation and patch management coordination.Percentage Of Time:10%Key Responsibility:Operational ResilienceEssential Tasks:Develop and maintain comprehensive BC/DR plans, conducting annual exercises for continuous process improvement.Conduct business impact analyses to prioritize remediation strategies.Percentage Of Time:5%Key Responsibility:Automation & ReportingEssential Tasks:Build dashboards and custom security reports using Splunk, Power BI, Microsoft Sentinel, or equivalent.Automate repetitive security tasks using scripting languages (PowerShell, Python, Bash).Percentage Of Time:5%Key Responsibility:Training & AwarenessEssential Tasks:Conduct DLP policy enforcement, AI security education, and annual security awareness training.Stay ahead of emerging threats and regulatory developments in cloud, data, and AI security domains.Physical Effort:Hand Movement-Repetitive Motions - F, Finger Dexterity - f, Reading - f, Writing - F, Hearing - f, Talking - f, Sitting - fWork Environment:Inside - c