This job was posted by https://www.kansasworks.com : For more
information, please see: https://www.kansasworks.com/jobs/13036097
r
rDirector of Data Security & Privacy
r
r
r
rAbout This Role:
The Director of Data Security and Privacy partners with the Chief
Information Security Officer (CISO) to lead the strategic development
and operational management of the university\'s IT Governance, Risk, and
Compliance (GRC) initiatives. The focus of this position is on enhancing
security, compliance, and risk management across the university\'s IT
infrastructure, including hybrid-cloud technologies and data center
operations. The role is crucial for developing and implementing policies
and procedures that ensure regulatory compliance, mitigate risks, and
promote a culture of security and accountability. This position plays a
key role in safeguarding the university\'s data, managing third-party
risks, and ensuring high standards of governance and compliance
throughout the organization.
Why Join Us:
Kansas State University offers a comprehensive benefits package that
includes health insurance, life insurance, retirement plans, paid time
off - vacation, sick, and holidays. To see what benefits are available,
please visit:
https://www.k-state.edu/hcs/benefits
We Support Diversity and Inclusion:
Kansas State University embraces diversity and inclusion. The university
actively seeks individuals who foster a collegial environment and
cooperative interactions with coworkers, students, and others. The
University is dedicated to promoting the Principles of
Community.{target="_blank"}
Worksite Options:
This position is required to be performed on-site. Work is performed
on employer premises or designated assignment location.
What You\'ll Need to Succeed:
Minimum Qualifications:
- Requires a bachelor\'s degree and five to 10 years of relevant
experience.
Preferred Qualifications:
Educational Background: Bachelor\'s degree in Computer Science,
Information Security, Cybersecurity, Law, or a related field, with a
preference for advanced certifications in privacy or compliance (such as
CIPP, CISSP, or CISM).
Privacy and Compliance Experience: Extensive experience in data privacy,
security compliance, and risk management. Deep understanding of legal
regulations affecting data security (such as GDPR, HIPAA, FERPA) and
experience implementing policies and procedures to meet these standards.
Technical and Regulatory Proficiency: Strong foundation in cybersecurity
principles with an ability to apply this knowledge to data protection
and compliance. Proficiency in understanding and auditing the technical
aspects of security measures, as well as familiarity with compliance
frameworks (such as ISO 27001, NIST).
Collaborative and Vendor Interaction Skills: Proven ability to lead and
collaborate with cross-functional teams, legal staff, and external
vendors to align security and privacy practices across the organization.
Skilled in negotiating and managing contracts with a focus on compliance
and data protection.
Communication Skills: Exceptional communication and interpersonal
skills, with the capability to clearly communicate complex legal,
technical, and compliance-related concepts to a variety of stakeholders,
including executive management, IT staff, and external partners.
Governance and Compliance Expertise: Extensive experience in developing
and implementing data governance frameworks and compliance programs
within an organization. Knowledge of international and domestic privacy
laws and regulations.
Data Protection Proficiency: Demon trated proficiency in developing
strategies for data protection, understanding data lifecycle management,
and applying data security measures in accordance with compliance
requirements.
Budget Management for Compliance Programs: Understanding of budget
considerations specifically related to data privacy and security
initiatives, ensuring cost-effective management of compliance resources.
Privacy and Security Technology Application: Skills in leveraging both
established and emerging privacy-enhancing and security technologies to
safeguard organizational data.
Operational Efficiency in Compliance Services: Demonstrated ability to
enhance the effectiveness of data protection operations, focusing on
compliance and risk management.
Compliance Project Leadership: Experience in leading compliance
projects, including the implementation of privacy frameworks and data
security enhancements.
Effective Compliance Communication: Excellent communication skills,
capable of clearly explaining compliance policies, data protection
principles, and privacy requirements to both technical and non-technical
stakeholders.
Collaborative Teamwork in Privacy and Security Initiatives: Proven
ability to w