Director of IT Governance, Risk, and Compliance

Title: Director of IT Governance, Risk, and Compliance

Employee Classification:

Hiring Range: Commensurate with Education and Experience

Agency: Virginia State University

Location: Virginia State University

Division: Office of the President

Academic Unit: Information Technology

Department: OIT

Agency Website: www.vsu.edu

Job Summary/Basic Functions

The Office of Information Technology enables superior Technology Services (TS) delivery and service availability across the VSU enterprise by mastering customer engagement, digital transformation, security, governance and streamlining initiatives that continually administer to student success, academia, and the needs and desires of the TS lines of business.

The Director of IT Governance, Risk, and Compliance (GRC) position is responsible for overseeing and enhancing the VSU's IT governance, risk management, and compliance institutions. This role ensures that the VSU's IT environment aligns with regulatory requirements and industry standards while supporting strategic goals. The GRC Director will work closely with various departments, stakeholders, and auditors to ensure the VSU's IT systems are secure, compliant and effectively managed.

Minimum Qualifications

• Experience in IT Roadmap, Strategy, and Strategic Planning.

• Demonstrated ability to direct and manage mid-large size scale IT projects.

• Proficient in project management tools.

• Experience in Microsoft Project and/or VITA PlainView.

• Experienced in creating, exercising, and executing Business Continuity Plans, Business Impact Assessments, Risk Assessments, and/or
IT Disaster Recovery Plans.

• Strong understanding of IT governance frameworks and risk management methodologies.

• Excellent analytical, problem solving and decision-making skills.

• Ability to build conducive relationships with IT staff, business departments, executives, and other University constituents.

• Knowledgeable of Virginia Department of Emergency Management Continuity of Operations Plan (COOP), the VITA IT Security Standards
for IT Contingency Planning, and the Recovery Institute International (DRII) standards.

Additional Considerations:

• Master’s degree highly preferred or Bachelor’s degree with equivalent combination of education and experience required in strategy,
risk management, business administration, continuity planning, training, and/or emergency management procedures.

• Minimum of 5 years of experience in IT governance, risk management and compliance in higher education.

• Certification such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control
(CRISC), Certified Information Systems Auditor (CISA) or equivalent are highly desirable.