Cloud Compliance Manager

The University of Arizona's University Information Technology Services (UITS) invites you to apply to the role of The Cloud Compliance Manager.

The Cloud Compliance Manager is responsible for the assessment and maintenance of regulatory compliance for the University of Arizona's central cloud environments. Working as part of a 20+ member team of innovative and expert AWS, Microsoft, and Linux architects, engineers, and system administrators, this position helps ensure the regulatory compliance of enterprise cloud service offerings, including: *Campus Cloud Infrastructure - secure, cloud-resident virtual servers *Managed Cloud Services - secure, cloud-resident managed applications and databases *Secure AD - central, ESAE/RAMP compliant Microsoft Active Directory and Entra environment.

Candidates working anywhere in the U.S. may be considered for a remote assignment.

Outstanding U of A benefits include health, dental, and vision insurance plans; life insurance and disability programs; paid vacation, sick leave, and holidays; U of A/ASU/NAU tuition reduction for the employee and qualified family members; retirement plans; access to U of A recreation and cultural activities; and more!

The University of Arizona has been recognized for our innovative work-life programs. For more information about working at the University of Arizona and relocations services, please click here.

• Performs internal audits and works with external auditors to complete third-party gap assessments of regulatory compliant cloud environments.
• Works with cloud architects and engineers to remediate findings.
• Works with University privacy and compliance officers to obtain authorizations to operate for cloud environments.
• Creates and maintains memorandums of understanding, shared responsibility matrices, internal procedures, and campus-facing documentation for the use of cloud environments.
• Engages with University Information Security Office and campus stakeholders to align cloud environments with security and regulatory compliance best practices.
• Consults with campus stakeholders on the use of and responsibilities pertaining to regulatory compliant cloud environments.

Knowledge, Skills, Abilities:

• Strong knowledge of and recent experience managing regulatory compliance in HIPAA, PCI, and FERPA environments.
• Excellent verbal and written communication skills and attention to detail in communication.
• Self-motivated, results-oriented with a demonstrated ability to work in enterprise-scale IT environments.
• Strong track record of understanding and interest in current and emerging technologies and regulations.
• Ability to work as part of a cross-functional team.
• Ability to quickly learn new skills and technologies.
• Ability to multi-task between multiple complex projects.

This job posting reflects the general nature and level of work expected of the selected candidate(s). It is not intended to be an exhaustive list of all duties and responsibilities. The institution reserves the right to amend or update this description as organizational priorities and institutional needs evolve.

• Bachelor's degree in Information Technology or related areas.
• Minimum of 8 years of relevant work experience or equivalent combination of education and work experience.

OR

• 12 years of progressive Information Technology experience or combination of education and work experience.

• Familiarity with SIEM solutions (Splunk preferred) and related log retention and analysis requirements for regulatory compliance.
• Familiarity with IAM principles and best practices.
• Familiarity with Amazon Web Services.
• Familiarity with Microsoft Azure, Entra, and Active Directory.
• Familiarity with ATO, SRM, MOU, and BAA processes and requirements.
• Evidence of technical writing experience.
• Experience working in higher education.
• Experience orchestrating audits and compliance assessments.
• Experience and/or work experience in education, information security, or legal fields.

The application window is anticipated to close December 1, 2025.