Manager IT Compliance

The Manager position for the Governance, Risk Management, and Compliance team within OSU Information Security Services is responsible for ensuring the success of data Governance, Risk Management, and Compliance (GRC) initiatives related to OSU/A&M system data. Success of these initiatives is dependent on the effective performance of several roles within the team. The Manager position of the GRC team will be expected to ensure successful performance of the following roles as they relate their team and the services they offer: Team Leader, Risk Management, Compliance Management, Governance, Training Coordinator, Service Team Leader, Service Team Member.

Periodically this position requires work after normal working hours and requires continual availability by cellular device. Due to communication expectations of the position, the incumbent will be required to maintain cellular or other electronic communication. The incumbent's salary includes compensation to apply towards the use of their personal cellular device.

Work is in both controlled and uncontrolled environmental areas. Work may require regular access to hospitals, clinics, and related health care facilities, and University research laboratories. Work may require occasional access to BSL-3 Labs.

Must be able to lift and carry 25 pounds, as required to move computer hardware and file storage boxes.

Special Instructions to Applicants

A resume, cover letter, and list of references are required to complete the application process. For full consideration, submit application by March 19th, 2023.

Education & Experience

Position Qualifications:

Minimum Qualifications:

High School/GED

Six years related work experience

Post-secondary education may be substituted for years or experience

Must be able to communicate verbally and in writing with clear, grammatically correct English. Requires interaction with supervisors, colleagues, students, using tact, discretion, and independent judgement.

Must possess knowledge of the principles and practices of organization, planning, records management, and general administration.

Must also possess the ability to analyze and solve problems efficiently and handle multiple duties under pressure with minimal supervision.

Must possess knowledge of regulatory compliance issues related to information security in educational environments and possess the ability to develop University level policies and procedures.

Preferred Qualifications:

Bachelor's degree in Technology or business related.

Multiple years of direct experience with conducting risk assessments/audits/reviews of information systems with the goal of assessing and/or mitigating information security threats/risk within a large university environment.

Multiple years of direct experience as a team leader.

Certified Information Systems Security Professional (CISSP)
Security Essentials Certification (GSEC)
Certified Information Systems Auditor (CISA)
Certified Fraud Examiner (CFE)

Familiarization and understanding of industry standard risk management frameworks

Strong understanding of laws and/or standards applicable to Regulatory Compliance for educational institutions such as, FISMA, (FERPA), Health facilities (HIPAA), and financial institutions (PCI, SOX, and GLB-A), as well as a knowledge of the principles and practices of organization, planning, records management, and general administration.

Oklahoma State University (OSU) strives to provide a safe study, work, and living environment for its faculty, staff, volunteers and students. To support this environment and comply with applicable laws and regulations, OSU conducts pre-employment background checks on final candidates. Offers of employment are contingent upon the successful completion of a background check. The type of background check conducted varies by position and can include, but is not limited to, criminal (felony and misdemeanor) history, sex offender registry, motor vehicle history, financial history, and/or education verification. Background checks will be conducted when required by law or contract and when, in the discretion of the university, it is reasonable and prudent to do so.

Oklahoma State University, as an equal opportunity employer, complies with all applicable federal and state laws regarding non-discrimination and affirmative action. Oklahoma State University is committed to a policy of equal opportunity for all individuals and does not discriminate based on race, religion, age, sex, color, national origin, marital status, sexual orientation, gender identity/expression, disability, or veteran status with regard to employment, educational programs and activities, and/or admissions. For more information, visit eeo.okstate.edu.