Associate Director of IT Risk and Compliance
Apply now Back to search results
Job no: 532046
Work type: Administrative & Professional
Senior management: Vice President-Info Technology
Department: IT Security
Location: Blacksburg, Virginia, Hybrid
Categories: Information Systems / Technology
The Associate Director of IT Risk and Compliance is responsible for managing the university’s IT Risk and Compliance program, overseeing the IT software procurement security assessment program, advising the University IT Security Office (ITSO) on security policies, and participating in university service and outreach.
Responsibilities of this position include:
• Managing the university’s Information Technology Risk and Compliance program and supervising members of the IT Risk and Compliance team
• Managing the university’s Information Technology Governance, Risk, and Compliance (GRC) platform
• Providing guidance, tools, and subject matter expertise for departments performing IT risk assessments
• Participating in enterprise risk management activities
• Managing, and participating in, the third-party and in-house software procurement security review process
• Assisting the University IT Security Officer in the development and reporting of ITSO's annual and strategic plans related to risk and compliance.
• Leading, developing, and mentoring employees involved in compliance and risk-related activities
• Participating in university service and outreach by representing ITSO, DoIT, and/or Virginia Tech on internal and external committees
• Working with and advising the University IT Security Officer and Executive Director for IT Policies and Strategic Engagement on IT security policies and standards
No visa sponsorship is available for this position.
• Master’s degree in computer science, Information Systems, STEM, or a related field or bachelor's degree with equivalent work experience to a master's degree
• Significant information security, audit, and/or compliance work experience, with experience measuring compliance against various regulations, industry standards, and/or policies
• Demonstrated ability to manage multiple projects and programs
• Demonstrated ability to effectively communicate across a broad range of campus audiences
• Knowledgeable, with experience, in the following:
- Information risk management concepts
- Cloud and vendor security standards and assessment frameworks (for example, HECVAT and SOC 2), including vendor and contract management issues
- Ability to quickly understand technical concepts and determine the implications of particular requirements and policies
• Strong analytical, organizational, and problem solving skills
• Committed to supporting and promoting a diverse and inclusive campus community
• Certified in Risk and Information Systems Control (CRISC), Certified Information System Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP) certification
• Familiar with the following information security and compliance frameworks: NIST SP 800-171, NIST Cybersecurity Framework, FERPA, GLBA, PCI, Center for Internet Security (CIS) Controls
• Experience in vulnerability scanning and/or application security testing practices
• Experience in evaluating business processes and making recommendations for improvements
• Experience working in a higher education environment
Commensurate upon experience
The successful candidate will be required to have a criminal conviction check.
No visa sponsorship is available for this position.
Dedicated to its motto, Ut Prosim (That I May Serve), Virginia Tech pushes the boundaries of knowledge by taking a hands-on, transdisciplinary approach to preparing scholars to be leaders and problem-solvers. A comprehensive land-grant institution that enhances the quality of life in Virginia and throughout the world, Virginia Tech is an inclusive community dedicated to knowledge, discovery, and creativity. The university offers more than 280 majors to a diverse enrollment of more than 36,000 undergraduate, graduate, and professional students in eight undergraduate colleges, a school of medicine, a veterinary medicine college, Graduate School, and Honors College. The university has a significant presence across Virginia, including the Innovation Campus in Northern Virginia; the Health Sciences and Technology Campus in Roanoke; sites in Newport News and Richmond; and numerous Extension offices and research centers. A leading global research institution, Virginia Tech conducts more than $500 million in research annually.
Virginia Tech endorses and encourages participation in professional development opportunities and university shared governance. These valuable contributions to university shared governance provide important representation and perspective, along with opportunities for unique and impactful professional development.
Virginia Tech does not discriminate against employees, students, or applicants on the basis of age, color, disability, sex (including pregnancy), gender, gender identity, gender expression, genetic information, ethnicity or national origin, political affiliation, race, religion, sexual orientation, or military status, or otherwise discriminate against employees or applicants who inquire about, discuss, or disclose their compensation or the compensation of other employees or applicants, or on any other basis protected by law.
If you are an individual with a disability and desire an accommodation, please contact IT Human Resources at ithr@vt.edu during regular business hours at least 10 business days prior to the event.
Advertised:
Applications close:
Back to search results Apply now Refer a friend
