Manager of IT Governance, Risk, & Compliance
Old Dominion University
Posting Details
Working Title Manager of IT Governance, Risk, & Compliance
Position Number 01153A
Department INFORMATION TECHNOLOGY SERV-ACAD
Location Norfolk, VA
Type of Position Classified
Type of Job Full Time
EEO Category B Professionals
Job Description
To provide IT Compliance/Audit, Risk Management, Controls mapping and operational information security support, and to support the University Information Security Office Program to advance in principle, policy and practice. To provide awareness and training to ITS and departmental stakeholders who have responsibilities for systems and applications.
Type of Recruitment
Knowledge, skills and abilities
Comprehensive understanding of cloud computing security configurations, preferably with experience in AWS , GCP , and/or Microsoft Azure. Thorough understanding of IT security and privacy frameworks, standards and regulations, including ISO27001, NIST , HIPAA HITRUST , PCI – DSS , GLBA , DMCA , and export control laws. Considerable knowledge in cybersecurity in one or more roles, including security analyst, compliance and regulations, risk management or audit.
Strong analytical, organizational, and problem-solving skills. Proven written and oral communications skills. Strong project leadership skills with both legacy and emerging technologies to assess and manage business risk and enforce security controls. Proven project management, multitasking, and organizational skills. Demonstrated ability to integrate cybersecurity into business processes. High level of integrity and trustworthiness, with the confidence to represent the organization and security leadership professionally. Ability to work effectively with diverse teams and promote a positive enterprise-wide security culture. Ability to maintain credibility with the team and external stakeholders through sustained industry knowledge. Efficient self-starter requiring minimal supervision.
Special licenses, registration or certification
None.
Education or training
None.
Level and type of experience
Considerable experience with information security, risk analysis, audit, privacy, compliance or related fields.Considerable experience with security architecture and implementation of technical controls. Working management experience, including leading and developing technical teams.
Additional Considerations (supplemental knowledge, skills, abilities, education, experience, licensure, certification)
Basic understanding of service design, delivery concepts and control frameworks. Familiarity with IT Continuity of Operations and Disaster Recovery planning. Familiarity with security analysis tasks such as network security monitoring, incident investigation and handling, vulnerability scanning, penetration testing, and forensics. Forward thinking with strong business acumen and flexibility.
Some experience working in a higher-education information security, compliance or audit office.
Some experience with IT risk assessment and risk management processes such as OCTAVE , Binary Risk Management, or NIST Special Publication 800-30, Risk Management Guide for Information Technology Systems. Security or Assurance certification such as CISSP , CRISC , CGEIT , CCSK .
Project Management ( PMP ) andor Service Management ( ITIL ) certification(s).
Conditions of Employment
This position is designated as sensitive. A fingerprint-based criminal history check will be required of the final candidate.
This is a remote position working a traditional 40-hour week.
This is an open until filled recruitment. This recruitment may close after the five-day required posting period when a suitable pool of applicants has been generated.
Annual Salary/Hourly Rate Salary commensurate with education and experience
Posting Detail Information
Job Requisition Number S02788
Job Open To General Public
Open Date 10/14/2024
Close Date 10/18/2024
Open Until Filled No
Special Instructions Summary
Complete the full application and include a resume.
Criminal Background Check The final candidate is required to complete a criminal history check.
College Home Page
Department Home Page
Equity Statement
It is the policy of Old Dominion University to provide equal employment, educational and social opportunities for all persons, without regard to race (or traits historically associated with race including hair texture, hair type, and protective hairstyles such as braids, locks, and twists), color, religion, sex or gender (including pregnancy, childbirth, or related medical conditions), national origin, gender identity or expression, age, veteran status, disability, political affiliation, sexual orientation or genetic information. Individuals from minoritized communities, women, veterans and individuals with disabilities are encouraged to apply.
Reasonable Accommodation Request
If you are an individual with a disability and require reasonable accommodation, please contact the Office of Institutional Equity & Diversity at (757) 683-3141.
Alternative Hiring Process
In support of the Commonwealth’s commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth’s Alternative Hiring Process.
To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly called a Certificate of Disability) provided by the Department for Aging & Rehabilitative Services ( DARS ), or the Department for the Blind & Vision Impaired ( DBVI ). Service-Connected Veterans may also apply via the AHP if they also provide an AHP Letter.
To request an AHP Letter, use this link: https://www.dars.virginia.gov/drs/cpid/PWContact.aspx or call DARS at 800-552-5019, or DBVI at 800-622-2155.
Pay Transparency Nondiscrimination Provision
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or © consistent with contractor’s legal duty to furnish information.
Supplemental Questions
Required fields are indicated with an asterisk ().
Applicant Documents
Required Documents
Resume
Optional Documents
Yellow Layoff Form
Blue Layoff Card
AHP Letter