Associate Director, IT Security Risk Management

Job Level
Mid-level position
Job Category
Associate / Assistant Director
Sector
  • Information Technology
Job Status
Areas of Responsibility
  • Security

We are looking for an Associate Director, IT Security Risk Management to join our dynamic team of dedicated IT Security professionals at the largest university in the state of Texas!  Come work with great professionals who share a passion for protecting our university’s electronic information resources.

 

When you find a home with us you will see that the Texas A&M System is committed to offering employees a comprehensive benefits package including health, dental, vision, life insurance, flexible spending accounts, retirement, and various work-life benefits. You will also discover why College Station has been ranked on Kiplinger magazine’s list of 10 Great Places to Live and also rated as one of America’s best college towns and as a finalist for the nation’s friendliest. We are one of the safest places in Texas with an excellent school district and no state tax. College Station/Bryan is one of the fastest growing metros in the country, but we still have a small-town feel with Aggieland traditions, Texas hospitality, and lots of sunshine. College Station is truly a unique place to work, live and call home – come join us!

 

The Associate Director is responsible for establishing and maintaining a University-wide IT Governance, Risk and Compliance program.

 

 

Required Education and Experience:

 

Bachelor's degree or any equivalent combination of training and experience.  One year of experience may substitute for one year of education. 

 

Eight years of enterprise-level managerial experience, which includes enterprise-level technical experience, that includes:

  • Four years of IT Risk Management or security experience.

  • Two years of hands-on experience with eGRC platforms.

  • Two years of hands-on experience with policy and compliance in large enterprises.

 

Experience with auditing and risk management. Must possess well-rounded technology experience in a distributed computing environment. Commitment to following through until complete resolution of problem.

 

 

Required Special Knowledge, Abilities, and Skills:

  • Must have a solid understanding of Risk Management from an IT and information security perspective.  Ability to articulate highly technical information into real world business impact at a senior management level and, conversely, ability to translate senior management business initiatives.  Ability to communicate clearly and effectively to ensure understanding.  Able to communicate complex issues to engineers and management alike.  Excellent written communication skills. 

  • Ability to find creative solutions to complex problems.  Self-motivated with ability to take ownership of issues.  Ability to be flexible and to adapt to changes in the work environment.

  • Ability to design ETL solutions and code in a SQL language, as well as understand data warehousing.

  • Must have a solid understanding of HIPAA/HITECH, FERPA, Controlled Unclassified Information, NIST 800-53, NIST 800-171, and ISO 27001 controls.

  • Must be able to work in a collaborative team environment. Ability to multi-task and work cooperatively with a diverse range of people.  Must have strong interpersonal skills.  Excellent critical thinking and problem-solving skills. 

 

Preferred Education and Experience:

  • Degree in information technology or related field.
  • Experience with Archer, Lockpath, or RSAM from an integration perspective.

 

Preferred Licenses and Certifications:

  • CISSP, or similar certifications.

 

Responsibilities:

  • Strategic Planning: Share authority and accountability for setting, directing and implementing strategy. Leads strategic planning for areas supervised and assists Director in developing and implementing overall departmental strategic plans.
  • Policy: Assists Director in formulating and implementing IT policies and procedures to ensure information security and IT architecture are in compliance with all applicable regulatory requirements.  Collaborate with other IT executive leaders to formulate effective IT policies and procedures.  Ensures compliance with unit, department, University, and government standards, policies, and procedures.
  • Project Management: Manage key portions of the departmental IT project portfolio.
  • Operations Management: Oversees the coordination of programs, ensuring program goals are consistent with departmental and University missions.  Oversee, design, and control the process/es for supporting the delivery of strategic information technology services.  Monitor and analyze operational metrics.  Implement continuous improvement methodologies to include corrective actions, as needed.  Responsible for annual budget preparation and expense control for areas of responsibility and provides input into overall department budget.  Establishes performance goals and measures to evaluate the success of areas of responsibility.
  • Leadership and Personnel Management: Serves as part of departmental leadership team.  Provide leadership for IT Staff and junior IT leaders.  Oversee the recruitment, hiring, and supervision of large and/or multiple teams staffed with IT team leaders/managers, multi-disciplined and/or more senior technical staff, and support staff.  Oversee and enforce ethical, regulatory, and performance standards.  Oversee and manage personnel issues.  Supervises and directs activities of staff, project teams or functional areas.  Serves on various University, division, and departmental committees and represents department at various State and National associations.
  • Customer/Vendor Relations: Maintain, establish, and develop new strategic partnerships with executive management, stakeholders, customers, and vendors. 
  • Documentation: Oversee operational documentation and reporting procedures.
  • Advanced Enterprise-Level Technical Support (less than 50% effort): Provide advanced enterprise-level technical support.
  • Audits and Investigations: Establish standards for the administration and monitoring of data security profiles on all platforms, audits, reviews of security violation reports, and investigations of security exceptions.  Oversee investigations of possible security violations and the completion of investigation reports.
  • Professional Development: Participate in training and professional development with special emphasis on leadership development, industry/technology related acumen, and project/operations management.
  • Other Duties: Other duties as assigned.  May perform all or some of the duties of a level IV Information Technologist.

 

Instructions to Applicants: Applications received by Texas A&M University must either have all job application data entered or a resume attached. Failure to provide all job application data or a complete resume could result in an invalid submission and a rejected application. We encourage all applicants to upload a resume or use a LinkedIn profile to pre-populate the online application.

 

 

All positions are security-sensitive. Applicants are subject to a criminal history investigation, and employment is contingent upon the institution’s verification of credentials and/or other information required by the institution’s procedures, including the completion of the criminal history check.

 

Equal Opportunity/Affirmative Action/Veterans/Disability Employer committed to diversity.