Governance Risk & Compliance Manager

Apply for Job Job ID 291706

Location Atlanta, Georgia

Full / Part Time Full-Time

Regular / Temporary Regular

Add to Favorite Jobs Email this Job

About Us

Overview

Georgia Tech prides itself on its technological resources, collaborations, high-quality student body, and its commitment to building an outstanding and diverse community of learning, discovery, and creation. We strongly encourage applicants whose values align with our institutional values, as outlined in our Strategic Plan. These values include academic excellence, diversity of thought and experience, inquiry and innovation, collaboration and community, and ethical behavior and stewardship. Georgia Tech has policies to promote a healthy work-life balance and is aware that attracting faculty may require meeting the needs of two careers.

About Georgia Tech

Georgia Tech is a top-ranked public research university situated in the heart of Atlanta, a diverse and vibrant city with numerous economic and cultural strengths. The Institute serves more than 45,000 students through top-ranked undergraduate, graduate, and executive programs in engineering, computing, science, business, design, and liberal arts. Georgia Tech's faculty attracted more than $1.4 billion in research awards this past year in fields ranging from biomedical technology to artificial intelligence, energy, sustainability, semiconductors, neuroscience, and national security. Georgia Tech ranks among the nation's top 20 universities for research and development spending and No. 1 among institutions without a medical school.

Georgia Tech's Mission and Values

Georgia Tech's mission is to develop leaders who advance technology and improve the human condition. The Institute has nine key values that are foundational to everything we do :

1. Students are our top priority.

2. We strive for excellence.

3. We thrive on diversity.

4. We celebrate collaboration.

5. We champion innovation.

6. We safeguard freedom of inquiry and expression.

7. We nurture the wellbeing of our community.

8. We act ethically.

9. We are responsible stewards.

Over the next decade, Georgia Tech will become an example of inclusive innovation, a leading technological research university of unmatched scale, relentlessly committed to serving the public good; breaking new ground in addressing the biggest local, national, and global challenges and opportunities of our time; making technology broadly accessible; and developing exceptional, principled leaders from all backgrounds ready to produce novel ideas and create solutions with real human impact.

The Office of Information Technology (OIT) provides information technology leadership and support to the Georgia Institute of Technology, working in partnership with academic and business units to meet the unique needs of a leading research university. OIT serves as the primary source of enterprise-wide information technology and telecommunications services in support of students, faculty, staff, and researchers.

Location

Atlanta, Georgia

Job Summary

Responsible for developing an overall GT data protection framework including developing, reviewing, and updating IT and information security policies, standards, guidelines, and baseline to protect GT data and systems. Partner with functional and IT leaders across campus, data stewards and other risk stakeholders to develop and support a comprehensive cybersecurity risk management program that aligns with the GT Enterprise Risk Management function, and Data Governance objectives. Partner with data stewards and other functional leaders, IT leaders and staff to leverage technologies and processes to develop and maintain a comprehensive cybersecurity compliance program, including control design and implementation guides, training, continuous monitoring, alerting, and reporting. Responsible for setting employee goals, assessing employee performance and providing feedback, and making pay recommendations.

This position will interact on a regular basis with : IT Leadership Institute-wide, Data Governance Committee, unit staff and management, security leadership, and engineering staff

This position typically will advise and counsel : Institute-wide IT Leadership, institute-wide stakeholders / partners and unit staff and management

This position will supervise : Assigned staff

Responsibilities

Job Duty 1 -

Develop an overall GT data protection framework including developing, reviewing, and updating IT and information security policies, standards, guidelines, and baseline to protect GT data and systems

Job Duty 2 -

Partner with functional and IT leaders across campus, data stewards and other risk stakeholders to develop and support a comprehensive cybersecurity risk management program that aligns with the GT Enterprise Risk Management function, and Data Governance objectives

Job Duty 3 -

Partner with data stewards and other functional leaders, IT leaders and staff to leverage technologies and processes to develop and maintain a comprehensive cybersecurity compliance program, including control design and implementation guides, training, continuous monitoring, alerting, and reporting

Job Duty 4 -

Partner with GT Procurement, Privacy, and IT leaders across campus to develop and lead a robust third-party security assessment program that meets GT and USG policies and ensures compliance with state, federal and international laws, and regulations

Job Duty 5 -

Leading compliance initiatives both within compliance functions across the Institute, as well as managing relationships and maintaining communications with stakeholders at all levels

Job Duty 6 -

Evaluate risks associated with the procurement of new IT products / systems and lead compliance assessments of third-party service providers

Job Duty 7 -

Manage the day-to-day functions of Georgia Tech's Risk Assessment Program; perform technical testing of controls for assurance and validation of IT asset compliance

Job Duty 8 -

Perform other related duties as assigned

Required Qualifications

Educational Requirements

Bachelor's Degree Computer Science, related field, or equivalent combination of education and work experience

Required Experience

Five to seven years of job-related experience

Required Qualifications

Preferred Skills : Ideal candidate must have 3 to 5 years demonstrated experience.

• Demonstrated experience with federal cybersecurity requirements including NIST, FISMA, CMMC, or DFARS.
• Demonstrated experience managing Cybersecurity Governance, Risk, and Compliance programs.
• Demonstrated experience in project and program management.
• Demonstrated experience conducting cybersecurity risk assessments and contract reviews.
• Demonstrated experience with PCI-DSS, HIPAA, FERPA, ISO, or similar regulatory oversight requirements.

Preferred Qualifications

Additional Preferred Qualifications

Certifications or licenses preferred :

Certified Information Systems Security Professional (CISSP); Global Information Assurance Certification (GIAC); Certified Incident Handler

Preferred Educational Qualifications

Master's Degree

Preferred Experience

Seven or more years of job-related experience

Proposed Salary

Budget for this position is $130,000, salary based on experience.

Knowledge, Skills, & Abilities

ABILITIES

Strong ability to manage and maintain effective working relationships with a diverse population, perform and effectively, make important decisions under pressure, communicate complex technical subjects to non-technical audiences, and effectively manage / direct team

KNOWLEDGE

Advanced knowledge in the application of information security concepts, principles and practices; expert knowledge translating legal and regulatory requirements into security controls; strong knowledge designing security controls to meet regulatory compliance requirements, provide training, and lead change and adoption; network security applications, and common internet protocols and applications

SKILLS

Proficient in written and verbal communication, analytical thinking, customer service, organization, risk management, project management, compliance development, problem-solving, and strong attention to detail; proficiency with Microsoft Office products.

USG Core Values

The Georgia Institute of Technology (Georgia Tech) is an Equal Employment Opportunity Employer. The Institute is committed to maintaining a fair and respectful environment for all. To that end, and in accordance with federal and state law, Board of Regents policy, and Institute policy, Georgia Tech provides equal opportunity to all faculty, staff, students, and all other members of the Georgia Tech community, including applicants for admission and / or employment, contractors, volunteers, and participants in institutional programs, activities, or services. Georgia Tech complies with all applicable laws and regulations governing equal opportunity in the workplace and in educational activities.

Equal opportunity and decisions based on merit are fundamental values of the University System of Georgia (USG) and Georgia Tech. Georgia Tech prohibits discrimination, including discriminatory harassment, on the basis of an individuals race, ethnicity, ancestry, color, religion, sex (including pregnancy), national origin, age, disability, genetics, or veteran status in its programs, activities, employment, and admissions. Further, Georgia Tech prohibits citizenship status, immigration status, and national origin discrimination in hiring, firing, and recruitment, except where such restrictions are required in order to comply with law, regulation, executive order, or Attorney General directive, or where they are required by Federal, State, or local government contract.

USG Core Values

The University System of Georgia is comprised of our 26 institutions of higher education and learning as well as the System Office. Our USG Statement of Core Values are Integrity, Excellence, Accountability, and Respect. These values serve as the foundation for all that we do as an organization, and each USG community member is responsible for demonstrating and upholding these standards. More details on the USG Statement of Core Values and Code of Conduct are available in USG Board Policy 8.2.18.1.2 and can be found on-line at https : / / www.usg.edu / policymanual / section8 / C224 / #p8.2.18_personnel_conduct.

Additionally, USG supports Freedom of Expression as stated in Board Policy 6.5 Freedom of Expression and Academic Freedom found on-line at https : / / www.usg.edu / policymanual / section6 / C2653.

Other Information

This is not a supervisory position.

This position does not have any financial responsibilities.

This position will not be required to drive.

This role is not considered a position of trust.

This position does not require a purchasing card (P-Card).

This position will not travel

This position does not require security clearance.

Background Check

Successful candidate must be able to pass a background check. Please visit http : / / policylibrary.gatech.edu / employment / pre-employment-screening