Information Security Risk & Compliance Manager (Hybrid)

Overview
Georgia Tech prides itself on its technological resources, collaborations, high-quality student body, and its commitment to building an outstanding and diverse community of learning, discovery, and creation. We strongly encourage applicants whose values align with our institutional values, as outlined in our Strategic Plan. These values include academic excellence, diversity of thought and experience, inquiry and innovation, collaboration and community, and ethical behavior and stewardship. Georgia Tech has policies to promote a healthy work-life balance and is aware that attracting faculty may require meeting the needs of two careers.

About Georgia Tech
Georgia Tech is a top-ranked public research university situated in the heart of Atlanta, a diverse and vibrant city with numerous economic and cultural strengths. The Institute serves more than 45,000 students through top-ranked undergraduate, graduate, and executive programs in engineering, computing, science, business, design, and liberal arts. Georgia Tech's faculty attracted more than $1.4 billion in research awards this past year in fields ranging from biomedical technology to artificial intelligence, energy, sustainability, semiconductors, neuroscience, and national security. Georgia Tech ranks among the nation's top 20 universities for research and development spending and No. 1 among institutions without a medical school.

Georgia Tech's Mission and Values
Georgia Tech's mission is to develop leaders who advance technology and improve the human condition. The Institute has nine key values that are foundational to everything we do:
1. Students are our top priority.
2. We strive for excellence.
3. We thrive on diversity.
4. We celebrate collaboration.
5. We champion innovation.
6. We safeguard freedom of inquiry and expression.
7. We nurture the wellbeing of our community.
8. We act ethically.
9. We are responsible stewards.

Over the next decade, Georgia Tech will become an example of inclusive innovation, a leading technological research university of unmatched scale, relentlessly committed to serving the public good; breaking new ground in addressing the biggest local, national, and global challenges and opportunities of our time; making technology broadly accessible; and developing exceptional, principled leaders from all backgrounds ready to produce novel ideas and create solutions with real human impact.

The Georgia Tech Research Institute (GTRI) is the nonprofit, applied research organization of the Georgia Institute of Technology (Georgia Tech). Founded in 1934 as the Engineering Experiment Station, GTRI has grown to more than 2,900 employees supporting eight laboratories in over 20 locations around the country. In FY2023 GTRI had over $941M of problem-solving research awards for government and industry.

Each day, GTRI's science and engineering expertise is used to turn ideas into workable solutions for our customers. We take the best ideas, often co-developed with our Georgia Tech academic partners, and turn them into systems applications that provide a significant technological advantage over other approaches.

Conduct information assurance and compliance activities as needed to identify, evaluate, report, and mitigate information security risks. Ensure adequate and effective security processes & controls are followed and aligned in support of compliance and data security requirements. This position will interact on a regular basis with: Institute leadership and staff. This position typically will advise and counsel: Institute leadership and staff. This position will supervise: NA.

Job Duty 1 -
Manage the day to day functions of Georgia Tech's Risk Assessment Program.

Job Duty 2 -
Perform technical testing of controls for assurance and validation of IT asset compliance

Job Duty 3 -
Evaluate risks associated with the procurement of new IT products/systems and lead compliance assessments of third party service providers

Job Duty 4 -
Ensure adequate and effective IT controls exist to meet current and future security compliance requirements found in laws and regulations

Job Duty 5 -
Assist units with remediation planning for current and future security vulnerabilities and ensure identified gaps have been appropriately addressed to mitigate or transfer risks

Job Duty 6 -
Prepare and provide regular reports to keep appropriate leadership personnel informed of the operation of compliance efforts

Job Duty 7 -
Take lead in the development of internal processes to streamline risk analysis techniques

Job Duty 8 -
Lead the annual PCI recertification for all campus units processing credit cards

Job Duty 9 -
Assist in content development of IT and Information Security training and initiatives

Job Duty 10 -
Perform other duties as assigned

Educational Requirements
Bachelor's Degree in Computer Science, Engineering or related field or equivalent combination of education and experience

Other Required Qualifications
flexibility in on-site daily service delivery hours

Required Experience
Seven to eight years of job related experience

Additional Preferred Qualifications
Experience leading a Vulnerability Management Program

Preferred Educational Qualifications
Master's Degree in Computer Science, Engineering or related field

Salary Range: $$109,136 148,424

Job Grade: I7

Location: Atlanta, GA

Additional preferred qualifications include:

Certified Information Systems Security Professional (CISSP), GIAC Certified Forensic Analyst (GCFA), and/or PenTest+ certifications
Experience designing and implementing vulnerability management policies, standards, and procedures, including risk assessments, compliance reviews, and vulnerability analyses
Sound knowledge of common infrastructure vulnerability categorizations such as CVE, CVSS, and/or CWE
Risk management experience with ability to translate technical risks for business leaders
Previous experience in analyzing data to present relevant metrics to remediation stakeholders and leadership

This position requires the ability to obtain a Security Clearance

SKILLS
This position requires the ability to work independently, be creative and innovative at conducting a high volume of risk analyses, report accurate and relevant risks to the appropriate constituents, and align initiatives to the core organizational mission of Research and Education

The University System of Georgia is comprised of our 26 institutions of higher education and learning as well as the System Office. Our USG Statement of Core Values are Integrity, Excellence, Accountability, and Respect. These values serve as the foundation for all that we do as an organization, and each USG community member is responsible for demonstrating and upholding these standards. More details on the USG Statement of Core Values and Code of Conduct are available in USG Board Policy 8.2.18.1.2 and can be found on-line at https://www.usg.edu/policymanual/section8/C224/#p8.2.18_personnel_conduct.

Additionally, USG supports Freedom of Expression as stated in Board Policy 6.5 Freedom of Expression and Academic Freedom found on-line at https://www.usg.edu/policymanual/section6/C2653.

The Georgia Institute of Technology (Georgia Tech) is an Equal Employment Opportunity Employer. The University is committed to maintaining a fair and respectful environment for all. To that end, and in accordance with federal and state law, Board of Regents policy, and University policy, Georgia Tech provides equal opportunity to all faculty, staff, students, and all other members of the Georgia Tech community, including applicants for admission and/or employment, contractors, volunteers, and participants in institutional programs, activities, or services. Georgia Tech complies with all applicable laws and regulations governing equal opportunity in the workplace and in educational activities.

Georgia Tech prohibits discrimination, including discriminatory harassment, on the basis of race, ethnicity, ancestry, color, religion, sex (including pregnancy), sexual orientation, gender identity, gender expression, national origin, age, disability, genetics, or veteran status in its programs, activities, employment, and admissions. This prohibition applies to faculty, staff, students, and all other members of the Georgia Tech community, including affiliates, invitees, and guests. Further, Georgia Tech prohibits citizenship status, immigration status, and national origin discrimination in hiring, firing, and recruitment, except where such restrictions are required in order to comply with law, regulation, executive order, or Attorney General directive, or where they are required by Federal, State, or local government contract.

More information on these policies can be found here: https://www.usg.edu/policymanual/section6/c2714 Board of Regents Policy Manual | University System of Georgia (usg.edu).

This is not a supervisory position.
This position does not have any financial responsibilities.
This position will not be required to drive.
This role is considered a position of trust.
This position does not require a purchasing card (P-Card).
This position will not travel
This position will require security clearance.

Successful candidate must be able to pass a background check. Please visit http://policylibrary.gatech.edu/employment/pre-employment-screening