Manager, GRC

Augusta University

Augusta, GA

ID: 7123014 (Ref.No. ej-3790277)
Posted: January 10, 2023
Application Deadline: Open Until Filled

Job Description





About Us
Augusta University is Georgia's innovation center for education and health care, training the next generation of innovators, leaders, and healthcare providers in classrooms and clinics on four campuses in Augusta and locations across the state. More than 9,000 students choose Augusta for educational opportunities at the center of Georgia's cybersecurity hub and experiential learning that blends arts and application, humanities, and the health sciences. Augusta is home to Georgia's only public academic health center, where groundbreaking research is creating a healthier, more prosperous Georgia, and world-class clinicians are bringing the medicine of tomorrow to patient care today.

Location
Augusta University -
Our Health Sciences Campus: 1120 15th Street, Augusta, GA 30912
Our Summerville Campus: 2500 Walton Way, Augusta, GA 30904

College/Department Information
The Division of Information Technology's mission at Augusta University is to anticipate and respond effectively to a changing world with agile, innovative, robust and secure services that educate and inspire students; empower clinicians, educators, researchers and administrators; advance learning, discovery and care.

Job Summary
A position on the Cybersecurity Solutions team is responsible for supporting Augusta University in the areas of cybersecurity, overseeing the governance, risk, and compliance program. The manager's primary responsibility is to develop, implement, and improve upon processes around cyber risk identification, assessment, and remediation, as well as exception and mitigation tracking, vendor risk management, and audit response. The manager will lead gap assessments between security practices and top risk management frameworks, producing actionable outputs toward remediation plans. Partnering with the cybersecurity engineering team, they will develop technical standards and controls across the various assets and platforms that the organization leverages. The manager will also oversee the identity governance and management program, contributing guidance on security strategies to manage the identities of AU employees and students. The Manager, GRC will provide leadership and strategy for the development and implementation of the application onboarding process and the effective control of access to information assets across the organization.

Responsibilities
The job duties include, but are not limited to:
DEVELOP, MAINTAIN, & EXECUTE - Develop, maintain, and execute processes around risk management, remediation, and mitigation planning.
COLLABORATE - Collaborate and lead engagements with multifaceted teams across different units of the organization, ensuring the organization is involved in the understanding and establishing of risk profiles, and understands the potential risk impact and proposed mitigations.
OVERSEE DEVELOPMENT & MAINTENANCE - Oversee the development and maintenance of the GRC and IAM platforms.
DEVELOP TRAINING MATERIALS - Develop training materials to increase employee awareness and engagement surrounding their role in reducing the organization's cybersecurity risk.
PROVIDE GUIDANCE, COACHING, & MENTORSHIP - Provide guidance, coaching, and mentorship to a team of engineers and work with internal and external audits on audit execution, findings response, and remediation planning.
OTHER DUTIES - Perform all other duties as assigned.

Required Qualifications
Bachelor's degree from an accredited college or university in IT or related field and 7 years of cybersecurity-specific experience or demonstrated knowledge across cybersecurity concepts to include 2 years managing and implementing a GRC platform and process, and experience implementing identity and access management principles or an equivalent combination of education, training, and experience.

Preferred Qualifications
Professional certification (e.g., CRISC, CISA, CISM, CISSP). Experience leading and managing a technical team. Experience with security and risk frameworks (NIST, ISO 27001, PCI). Familiarity with healthcare and education-relevant regulatory legislation and standards for the protection of health information, patient, and student privacy.

Knowledge, Skills, & Abilities
KNOWLEDGE
Must understand technical security controls and processes.
Must understand technical network diagrams.
Familiarity with change management process required.
Knowledge of security hardware and software products that comply with current industry standards required.
Familiarity with healthcare and education-relevant regulatory legislation and standards for the protection of health information, patient, and student privacy.
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy (e.g., HIPAA, FERPA, PCI).
Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
Knowledge of Risk Management Framework (RMF) requirements.
Knowledge of information security program management and project management principles and techniques.
Knowledge of relevant laws, legal authorities, restrictions, and regulations pertaining to cyber defense activities.
Knowledge of troubleshooting and problem-resolution techniques.

SKILLS
Strong verbal and written communication skills required
Strong project management and organizational change management skills

ABILITIES
Proven ability to communicate effectively verbally, in writing, and through formal presentations at the technical and non-technical level.
Proven ability to develop an effective, collaborative working relationship with a variety of representative groups with potentially dissimilar priorities

Shift/Salary/Benefits
Shift: Days-M/F *Work outside of normal business hours may be required.*
Pay Grade: 25
Salary Minimum $80,202/Annually-$100,000/Annually
Salary to be commensurate with qualifications of the selected candidate within the established range (generally minimum-midpoint) of the position

Recruitment Period: Until Filled
Augusta University offers a variety of benefits to full-time benefits-eligible employees and some of our half-time (or more) employees.

Benefits that may be elected could include health insurance, dental insurance, life insurance, Teachers' Retirement System (or Optional Retirement Plan), as well as earned vacation time, sick leave, and 13 paid holidays.

Also, our full-time employees who have been employed with us successfully for more than 6 months can be considered for the Tuition Assistance Program. Consider applying with us today!

Conditions of Employment
All selected candidates are required to successfully pass a Background Check review prior to starting with Augusta University.

All employees are responsible for ensuring the confidentiality, availability, and integrity of sensitive [patient, student, employee, financial, business, etc.] information by exercising sound judgment and adhering to cybersecurity and privacy policies during their employment and beyond.

Other Information
This position is also responsible for promoting a customer-friendly environment and providing superior service to our patients, students, faculty, and employees. "Augusta University is a patient- and family-centered care institution, where employees partner every day with patients and families for success."

Augusta University is a tobacco-free environment, and the use of any tobacco products on any part of the campus, both inside and outside, is strictly prohibited.

Equal Employment Opportunity
Augusta University is proud to be an equal opportunity employer welcoming applicants from underrepresented groups, including individuals with disabilities and veterans.

To apply, please visit: https://careers.hprod.onehcm.usg.edu/psp/careers/CAREERS/HRMS/c/HRS_HRAM_FL.HRS_CG_SEARCH_FL.GBL?Page=HRS_APP_JBPST_FL&Action=U&FOCUS=Applicant&SiteId=12000&JobOpeningId=253400&PostingSeq=1
