Program Manager, Governance, Risk & Compliance
Company: Inside Higher Ed
Location: Austin
Posted on: April 8, 2021
Job Description:
Position Information
Location: Service Center
Hours: Typically Monday - Friday 8 am to 5 pm.
Salary: Administrator 1/999 ($0.00 - $0.00)
FLSA Status: Exempt
Reports To: Chief Information Security Officer
Criminal Background Check: Pre-employment criminal
background checks are required for all Staff and Faculty positions.
Pre-employment urinalyses drug screens are also required for all
top candidates considered for positions in ACC's College Police
department.

College Profile
Austin Community College (ACC) is a
public two-year institution that serves a diverse population of
approximately 41,000 credit students each fall and spring semester.
We embrace our identity as a community college as reflected in our
mission statement. We promote student success and community
development by providing affordable access, through traditional and
distance learning modes, to higher education and workforce
training, including appropriately applied baccalaureate degrees, in
our service area. As a community college committed to our mission,
we seek to recruit and retain a workforce that:
- Reflects the diversity of our community.
- Values intellectual curiosity and innovative teaching.
- Is attracted by the college mission to promote equitable access
to educational opportunities.
- Cares about student success and collaborates on strategies to
facilitate success for underrepresented populations.
- Welcomes difference and models respectful interaction with
others.
- Engages with the community both within and outside of ACC.

Our Mission
The Austin Community College District promotes student
success and community development by providing affordable access,
through traditional and distance learning modes, to higher
education and workforce training in its service area. For more
information, see
http://www.austincc.edu/about-acc/mission-statement.

Commitment to Equity and Inclusion
ACC is committed to the ongoing systemic
changes needed to ensure the increased recruitment, inclusion,
retention, and completion of historically underserved and
underrepresented populations. Through continual strategic community
engagement and professional development of administrators, faculty,
staff, and students, the college demonstrates its dedication to
fostering a culture and climate for equitable outcomes. As an
open-access and low-cost institution, ACC is proud to serve a
diverse student body. Dedicated faculty members are excellent
professors who help students achieve their educational goals and
are sensitive to the diverse cultures and socio-economic
backgrounds of our students. The College values and is committed to
equity, diversity, and inclusion throughout the College
community.

General Statement of Job
Reporting to the Chief
Information Security Officer, this position is responsible for
building a GRC program to reduce security risk while achieving
compliance with the Texas Cybersecurity Framework (TCF), FedRAMP and
other regulatory requirements. This position will provide subject
matter expertise in NIST and TCF, and must have information security
expertise for the development and implementation of the information
security GRC program. This is a highly visible and cross-functional
role as it relates to increasing the organization's security posture
and reducing risk.

Description of Duties and Tasks
Essential duties
and responsibilities include the following. Other duties may be
assigned.
- Conducts risk assessments and collaborates with stakeholders to
implement a security framework such as NIST or Texas Cybersecurity
Framework.
- Oversees the third-party security vendor program.
- Oversees and reports on compliance with security controls and
policies.
- Facilitates the development and implementation of data quality
standards and adoption requirements across the college, defines
indicators of performance, and ensures compliance with data-related
policies, standards, roles and responsibilities, and adoption
requirements.
- Identifies gaps within internal data landscape to ensure data
integrity and data structure compliance within data governance
frameworks.
- Participates in or drives the technology risk governance process.
- Ensures audit trails, system logs and other monitoring data
sources are reviewed periodically and in compliance with policies
and audit requirements.
- Works with various stakeholders to identify information asset
owners to classify data and systems as part of a control framework
implementation.
- Works with the CISO and IT and business stakeholders to define,
collect and report on metrics that effectively communicate risk
management successes and progress of security compliance.
- Oversees periodic updates to the Data Quality/Master Data
Management Roadmap.
- Drafts and maintains compliance documents (e.g. policies,
standards, procedures, etc.).
- Provides Subject Matter Expertise (SME) related to NIST 800-53,
SOC 1, SOC 2, Texas Cybersecurity Framework and other information
security regulations.

Knowledge
Must possess required knowledge and
be able to explain and demonstrate, with or without reasonable
accommodations, that the essential functions of the job can be
performed. Proven track record and experience in developing
information security policies and procedures, as well as
successfully executing programs that meet the objectives of
excellence in a dynamic business environment. Knowledge of data
quality, stewardship and master data management practices, business
and technology issues related to management of institutional data
assets. Knowledge of defining, documenting and implementing Data
Governance practices, policies, and procedures. Knowledge of
consulting skills, change management concepts and strategies,
including communication, culture change and performance measurement
system design. Knowledge of data architecture and technology
solutions. Knowledge of best practice for Data Quality Management,
Master Data Management and near real time data warehousing.
Knowledge of common information security management frameworks,
such as ISO/IEC 27001, ITIL, GDPR, as well as those from NIST,
including 800-53. Knowledge of TAC202 and Texas Cybersecurity
Framework is preferred.

Skills
Must possess required skills and be
able to explain and demonstrate, with or without reasonable
accommodations, that the essential functions of the job can be
performed. Maintaining an established work schedule. Effectively
using interpersonal and communications skills including tact and
diplomacy. Maintaining confidentiality of work-related information
and materials. Establishing and maintaining effective working
relationships. Possess analytical abilities to examine
infrastructures and make recommendations on improvements. Ability
to facilitate data governance processes with IT and college
departments. Success in leveraging both traditional best practices,
such as IT service management practices based on ITIL. Excellent
analytical skills, the ability to manage multiple projects under
strict timelines, as well as the ability to work well in a
demanding, dynamic environment and meet overall objectives. Strong
analytical skills to analyze security requirements and relate them
to appropriate security controls. Experience in working in a
collaborative team environment.

Technology Skills
Technical proficiency with security-related systems, tools,
applications and data architecture. Use automation and lean concepts.

Required Work Experience
- Three years of related work experience.

Preferred Work Experience
Two or more years of experience in data governance or
working with data management frameworks such as NIST or TCF and
security technologies. Minimum of 2 of experience in a combination
of risk management and information security. Experience building
and deploying data governance programs / frameworks. The
ability to interact and build strong relationships with key
stakeholders at all levels and across all business units and
organizations, and work effectively with business managers, IT
engineering and IT operations staff.

Required Education
- Bachelor's degree.

Preferred Education
Bachelor's degree in computer information science.

Special Requirements
Licenses/Certifications; Other
Valid Texas Driver's
License and reliable transportation for travel in the Austin area
as required. Possess one of the following: Certified Information
Systems Security Professional (CISSP), Certified Information
Systems Auditor (CISA) or equivalent preferred.

Other Preferred Qualifications
A strong understanding of security tools,
technologies and policies. Strong understanding of information
security concepts, protocols, industry best practices, strategies
and frameworks (NIST and Texas Cybersecurity Framework). The ability
to perform risk, gap analysis, business impact, control and
vulnerability assessments, and recommend treatment strategies.
Experience working with internal and external auditors. In-depth
knowledge and understanding of information risk concepts and
principles as a means of relating business needs to security
controls.

Physical Requirements
Work is performed in a standard
office or similar environment. Subject to standing, walking,
sitting, bending, reaching, pushing, and pulling. Occasional
lifting of objects up to 10 pounds.

Safety
- Work safely and follow safety rules. Report unsafe working
conditions and behavior. Take reasonable and prudent actions to
prevent others from engaging in unsafe practices.

Information for This Posting Only
This is a benefit-eligible position funded
through January 31, 2022 and is subject to renewal. The College is
unable to support candidates who require sponsorship to work in the
United States.

ACC Benefits Overview
Full-time Faculty and Staffing
Table employees who work in full-time and/or part-time positions at
the College are eligible for ACC medical benefits effective the
first of the month after their first 60 days of employment.
Benefits include medical, dental, life insurance, short and long
term disability, retirement plans and AD&D. ACC does not
participate in Social Security. ACC participates in the Teacher
Retirement System of Texas (TRS) and the Optional Retirement
Program (ORP-Faculty Only). Part-time and Hourly employees
participate in the ACC Money Purchase Plan (ACCMPP) as a retirement
program required by Federal law.

Disclaimer
The above description is
an overview of the job. It is not intended to be an all-inclusive
list of duties and responsibilities of the job, nor is it intended
to be an all-inclusive list of the skills and abilities required to
do the job. Duties and responsibilities may change with business
needs. ACC reserves the right to add, change, amend, or delete
portions of this job description at any time, with or without
notice. Employees may be required to perform other duties as
requested, directed, or assigned. In addition, reasonable
accommodations may be made by ACC at its discretion to enable
individuals with disabilities to perform the essential
functions.

Austin Community College provides equal employment
opportunities (EEO) to all employees and applicants for employment
without regard to race, color, religion, sex, national origin, age,
disability or genetics.

As required by the US Department of
Education, employees are required to report violations under
Title IX and, under the Jeanne Clery Disclosure of Campus Security
Policy and Crime Statistics Act (Clery Act), select individuals are
required to report crimes. If this position is identified as a
Campus Security Authority (Clery Act), you will be notified,
trained, and provided resources for reporting.