Director of Data Security & Privacy

Join to apply for the Director of Data Security & Privacy role at Kansas State University

This job was posted by https://www.kansasworks.com: For more information, please see: https://www.kansasworks.com/jobs/13202632

The Director of Data Security and Privacy partners with the Chief Information Security Officer (CISO) to lead the strategic development and operational management of the university's IT Governance, Risk, and Compliance (GRC) initiatives. This position focuses on enhancing security, compliance, and risk management across the university's IT infrastructure, including hybrid-cloud technologies and data center operations. The role involves developing and implementing policies and procedures to ensure regulatory compliance, mitigate risks, and foster a culture of security and accountability. It is key in safeguarding data, managing third-party risks, and ensuring governance and compliance standards are met throughout the organization.

This position is required to be performed on-site. Work is performed on employer premises or designated assignment location.

• Requires a bachelor’s degree and five to 10 years of relevant experience.

• Educational Background: Bachelor’s degree in Computer Science, Information Security, Cybersecurity, Law, or a related field, with a preference for advanced certifications in privacy or compliance (such as CIPP, CISSP, or CISM).
• Privacy and Compliance Experience: Extensive experience in data privacy, security compliance, and risk management. Deep understanding of legal regulations affecting data security (such as GDPR, HIPAA, FERPA) and experience implementing policies and procedures to meet these standards.
• Technical and Regulatory Proficiency: Strong foundation in cybersecurity principles with the ability to apply this knowledge to data protection and compliance. Proficiency in understanding and auditing the technical aspects of security measures, as well as familiarity with compliance frameworks (such as ISO 27001, NIST).
• Collaborative and Vendor Interaction Skills: Proven ability to lead and collaborate with cross-functional teams, legal staff, and external vendors to align security and privacy practices across the organization. Skilled in negotiating and managing contracts with a focus on compliance and data protection.
• Communication Skills: Exceptional communication and interpersonal skills, capable of clearly conveying complex legal, technical, and compliance-related concepts to diverse stakeholders, including executives, IT staff, and external partners.
• Governance and Compliance Expertise: Extensive experience in developing and implementing data governance frameworks and compliance programs. Knowledge of privacy laws and regulations both domestically and internationally.
• Data Protection Proficiency: Demonstrated ability to develop data protection strategies, understand data lifecycle management, and implement security measures in accordance with compliance standards.
• Budget Management for Compliance Programs: Understanding of budget considerations related to data privacy and security initiatives, ensuring cost-effective resource management.
• Privacy and Security Technology Application: Skills in leveraging privacy-enhancing and security technologies to safeguard organizational data.
• Operational Efficiency in Compliance Services: Ability to improve data protection operations focusing on compliance and risk management.
• Compliance Project Leadership: Experience leading privacy frameworks and security enhancement projects.
• Effective Compliance Communication: Ability to explain policies and principles clearly to technical and non-technical audiences.
• Collaborative Teamwork in Privacy and Security Initiatives: Proven ability to work across departments to integrate privacy and compliance measures.
• Analytical and Strategic Problem-Solving: Strong skills in identifying risks and implementing solutions.
• Support in Strategic Compliance and Privacy Operations: Providing insights and recommendations to optimize activities.

• Applicants must be authorized to work in the United States at the time of employment.

Please submit the following documents:

• Letter of Interest
• Resume
• Three professional references

• Seniority level: Director
• Employment type: Full-time
• Job functions: Other, Information Technology, Management
• Industries: Higher Education