Information Security Analyst

Monday-Friday 8am - 5pm.

To learn more about the pay band for this branch and role, please see the Career Banding rates spreadsheet.

A global higher education leader in innovative teaching, research and public service, the University of North Carolina at Chapel Hill consistently ranks as one of the nation's top public universities. Known for its beautiful campus, world-class medical care, commitment to the arts and top athletic programs, Carolina is an ideal place to teach, work and learn.

One of the best college towns and best places to live in the United States, Chapel Hill has diverse social, cultural, recreation and professional opportunities that span the campus and community.

University employees can choose from a wide range of professional training opportunities for career growth, skill development and lifelong learning and enjoy exclusive perks for numerous retail, restaurant and performing arts discounts, savings on local child care centers and special rates on select campus events. UNC-Chapel Hill offers full-time employees a comprehensive benefits package, paid leave, and a variety of health, life and retirement plans and additional programs that support a healthy work/life balance.

At UNC's Kenan-Flagler Business School, we think differently; and more importantly, we teach differently. Opening our doors as the Department of Commerce in 1919 and awarding our first degrees to 12 students in 1921 was the beginning. Today, we have become a top-ranked business school comprised of several professional and academic degree programs that serve over 3,000 students. At Kenan-Flagler, our greatest assets are our people and our culture. We are rooted in our core values of integrity, inclusion, innovation and impact, and it goes back to our founding. It's not just something on paper, we live it, we show it. Our mission is to prepare the next generation of business leaders by providing a world class education to our students. We seek to recruit diverse, innovative, and exceptional talent to achieve this goal.

This position may be eligible for a hybrid work arrangement that may include a partially remote work location, consistent with System Office policy. UNC Chapel Hill employees are generally required to reside within a reasonable commuting distance of their assigned duty station.

This position is the Kenan-Flagler Business School IT team's Microsoft 365 Security and Identity Governance administrator.
This position will be responsible for securing and optimizing our Microsoft 365 cloud environment with a strong emphasis on identity lifecycle management, access governance, and security configuration. Responsibilities include managing account provisioning, deprovisioning, and role-based access controls, as well as working directly with customers to troubleshoot and resolve account-related issues.

This position will ensure that M365 services including Exchange Online, Teams, SharePoint, OneDrive, and Microsoft Entra ID (formerly Azure Active Directory) are configured, monitored, and maintained according to best practices, compliance standards, and organizational security policies. This includes implementing conditional access policies, multifactor authentication, privileged identity management ( PIM), and monitoring for suspicious activity using tools such as Microsoft Defender and Purview.

A key responsibility of this role is to design and implement automated identity lifecycle management processes including provisioning, deprovisioning, and role-based access control to ensure that user access is secure, timely, and aligned with business needs. The ideal candidate will be comfortable working with Entra ID Governance and Power Automate or other automation tools to streamline identity workflows and enforce consistent access policies.

This role requires strong technical knowledge, a risk-aware mindset, and the ability to implement solutions that balance security, usability, and operational efficiency.

This position will also contribute to documentation, training, audit readiness, and continuous improvement initiatives related to access controls, data protection, and security monitoring.

Associate's degree in Computer Information Technology, computer Technology Integration, Networking Technology, or related area and one year of experience in the information technology field related to the position's role; or
- Bachelor's degree from an appropriately accredited institution and one year experience in the information technology field related to the position's role; or
- Bachelor's degree in computer science, computer engineering, math or engineering or related technical degree from an appropriately accredited institution; or an equivalent combination of education and experience.
- Journey level required an additional one year of experience
- Advanced level required an additional two years of experience.

- Experience in Microsoft 365 security and Entra ID environments.

- Strong understanding of M365 security, compliance, and identity governance features
.
- Experience with Microsoft Defender for M365, Entra ID (formerly Azure AD), and Purview compliance center.

- Familiarity with identity lifecycle management concepts and tools.

- Experience with SolarWinds or a similar request tracking system.

- Communication Skills
Ability to clearly explain technical concepts to non-technical stakeholders.
Skilled at drafting documentation, user communications, and incident reports.

- Problem Solving and Critical Thinking
Investigates complex security or identity issues methodically.
Ability to assess risk and propose appropriate, practical solutions.

- Collaboration and Teamwork
Works effectively with cross-functional teams (IT, HR, security, privacy, legal).
Supports users and colleagues with patience and clarity.

- Adaptability and Flexibility
Comfortable adjusting to evolving technologies and security threats.
Responds calmly to urgent security incidents or shifting priorities.

- Attention to Detail
Diligently monitors logs, reviews access rights, and tracks compliance details.
Ensures configurations are precise to avoid security gaps.

- Accountability and Ownership
Takes responsibility for the systems they manage and follows through on tasks.
Escalates issues appropriately and documents actions.

- Time Management and Prioritization
Manages routine tasks, projects, and incident response without losing focus.
Balances security initiatives with operational needs.

- Ethical Judgment and Discretion
Maintains confidentiality of sensitive identity and access data.
Exercises good judgment when managing elevated privileges or reviewing access logs.

- Customer Service Orientation
Approachable and responsive to end-user issues or access needs.

- Initiative and Continuous Learning
Proactively stays updated on Microsoft 365, identity management and governance changes and
security trends.
Suggests improvements to existing identity governance and security processes.

- PowerShell scripting skills for automation and reporting are a plus.
- CISSP (Certified Information Systems Security Professional) certification, or the ability to obtain certification within one year of hire.
- Microsoft certifications such as SC-300: Identity and Access Administrator and SC-900: Security, Compliance, and Identity Fundamentals.

Not Applicable.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

If you experience any problems accessing the system or have questions about the application process, please contact the Office of Human Resources at (919) 843-2300 or send an email to employment@unc.edu

Please note: The Office of Human Resources will not be able to provide specific updates regarding position or application status.

The University is an equal opportunity employer and welcomes all to apply without regard to age, color, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, or sexual orientation. We encourage all qualified applicants to apply, including protected veterans and individuals with disabilities.