Job ID: 247052

Manager of IT Governance, Risk, & Compliance

Old Dominion University

  • Oct. 14, 2024
 
  • Manager of IT Governance, Risk, & Compliance
  • INFORMATION TECHNOLOGY SERV-ACAD
  • Old Dominion University
    Norfolk, VA
 
  • Open until filled
  • Available immediately
  •  
 
  • Director/Manager
  • Computing/Informational Services
 
 

Job Description

To provide IT Compliance/Audit, Risk Management, Controls mapping and operational information security support, and to support the University Information Security Office Program to advance in principle, policy and practice. To provide awareness and training to ITS and departmental stakeholders who have responsibilities for systems and applications.


Knowledge, skills and abilities

Comprehensive understanding of cloud computing security configurations, preferably with experience in AWSGCP, and/or Microsoft Azure.  Thorough understanding of IT security and privacy frameworks, standards and regulations, including ISO27001, NIST, HIPAA\HITRUSTPCI-DSSGLBADMCA, and export control laws.  Considerable knowledge in cybersecurity in one or more roles, including security analyst, compliance and regulations, risk management or audit.
 
Strong analytical, organizational, and problem-solving skills.  Proven written and oral communications skills.  Strong project leadership skills with both legacy and emerging technologies to assess and manage business risk and enforce security controls.  Proven project management, multitasking, and organizational skills.  Demonstrated ability to integrate cybersecurity into business processes.  High level of integrity and trustworthiness, with the confidence to represent the organization and security leadership professionally.  Ability to work effectively with diverse teams and promote a positive enterprise-wide security culture.  Ability to maintain credibility with the team and external stakeholders through sustained industry knowledge.  Efficient self-starter requiring minimal supervision.

Special licenses, registration or certification

None.

Education or training

None.

Level and type of experience

Considerable experience with information security, risk analysis, audit, privacy, compliance or related fields.  Considerable experience with security architecture and implementation of technical controls.  Working management experience, including leading and developing technical teams.

Additional Considerations (supplemental knowledge, skills, abilities, education, experience, licensure, certification)

Basic understanding of service design, delivery concepts and control frameworks.  Familiarity with IT Continuity of Operations and Disaster Recovery planning.  Familiarity with security analysis tasks such as network security monitoring, incident investigation and handling, vulnerability scanning, penetration testing, and forensics.  Forward thinking with strong business acumen and flexibility.
 
Some experience working in a higher-education information security, compliance or audit office.
 
Some experience with IT risk assessment and risk management processes such as OCTAVE, Binary Risk Management, or NIST Special Publication 800-30, Risk Management Guide for Information Technology Systems.  Security or Assurance certification such as CISSPCRISCCGEITCCSK.
 
Project Management (PMP) and\or Service Management (ITIL) certification(s).

Conditions of Employment

This position is designated as sensitive. A fingerprint-based criminal history check will be required of the final candidate. 

This is a remote position working a traditional 40-hour week.

This is an open until filled recruitment. This recruitment may close after the five-day required posting period when a suitable pool of applicants has been generated.

 
Please reference AcademicKeys.com in your cover letter when
applying for or inquiring about this job announcement.
 

Contact Information

 


  •  


New Search | Previous