Director of Data Security & Privacy

About This Role:

The Director of Data Security and Privacy partners with the Chief Information Security Officer (CISO) to lead the strategic development and operational management of the university's IT Governance, Risk, and Compliance (GRC) initiatives. The focus of this position is on enhancing security, compliance, and risk management across the university's IT infrastructure, including hybrid-cloud technologies and data center operations. The role is crucial for developing and implementing policies and procedures that ensure regulatory compliance, mitigate risks, and promote a culture of security and accountability. This position plays a key role in safeguarding the university's data, managing third-party risks, and ensuring high standards of governance and compliance throughout the organization.

Why Join Us:

Kansas State University offers a comprehensive benefits package that includes health insurance, life insurance, retirement plans, paid time off – vacation, sick, and holidays. To see what benefits are available, please visit: https://www.k-state.edu/hcs/benefits

We Support Diversity and Inclusion:

Kansas State University embraces diversity and inclusion. The university actively seeks individuals who foster a collegial environment and cooperative interactions with coworkers, students, and others. The University is dedicated to promoting the Principles of Community.

Worksite Options:

This position is required to be performed on-site. Work is performed on employer premises or designated assignment location.

What You’ll Need to Succeed:

Minimum Qualifications:

• Requires a bachelor's degree and five to 10 years of relevant experience.

Preferred Qualifications:

• Educational Background: Bachelor’s degree in Computer Science, Information Security, Cybersecurity, Law, or a related field, with a preference for advanced certifications in privacy or compliance (such as CIPP, CISSP, or CISM).
  
  Privacy and Compliance Experience: Extensive experience in data privacy, security compliance, and risk management. Deep understanding of legal regulations affecting data security (such as GDPR, HIPAA, FERPA) and experience implementing policies and procedures to meet these standards.
  
  Technical and Regulatory Proficiency: Strong foundation in cybersecurity principles with an ability to apply this knowledge to data protection and compliance. Proficiency in understanding and auditing the technical aspects of security measures, as well as familiarity with compliance frameworks (such as ISO 27001, NIST).
  
  Collaborative and Vendor Interaction Skills: Proven ability to lead and collaborate with cross-functional teams, legal staff, and external vendors to align security and privacy practices across the organization. Skilled in negotiating and managing contracts with a focus on compliance and data protection.
  
  Communication Skills: Exceptional communication and interpersonal skills, with the capability to clearly communicate complex legal, technical, and compliance-related concepts to a variety of stakeholders, including executive management, IT staff, and external partners.
  Governance and Compliance Expertise: Extensive experience in developing and implementing data governance frameworks and compliance programs within an organization. Knowledge of international and domestic privacy laws and regulations.
  
  Data Protection Proficiency: Demonstrated proficiency in developing strategies for data protection, understanding data lifecycle management, and applying data security measures in accordance with compliance requirements.
  
  Budget Management for Compliance Programs: Understanding of budget considerations specifically related to data privacy and security initiatives, ensuring cost-effective management of compliance resources.
  
  Privacy and Security Technology Application: Skills in leveraging both established and emerging privacy-enhancing and security technologies to safeguard organizational data.
  
  Operational Efficiency in Compliance Services: Demonstrated ability to enhance the effectiveness of data protection operations, focusing on compliance and risk management.
  
  Compliance Project Leadership: Experience in leading compliance projects, including the implementation of privacy frameworks and data security enhancements.
  
  Effective Compliance Communication: Excellent communication skills, capable of clearly explaining compliance policies, data protection principles, and privacy requirements to both technical and non-technical stakeholders.
  
  Collaborative Teamwork in Privacy and Security Initiatives: Proven ability to work collaboratively across departments to integrate privacy and compliance measures, fostering strong relationships to enhance organizational data protection efforts.
  
  Analytical and Strategic Problem-Solving: Strong analytical skills with a specific focus on identifying compliance risks and implementing strategic solutions to mitigate these risks.
  
  Support in Strategic Compliance and Privacy Operations: Ability to assist in the strategic aspects of privacy and security operations, providing insights and recommendations to optimize compliance and data protection activities.

Other Requirements:

• Applicants must be currently authorized to work in the United States at the time of employment.

How to Apply:

Please submit the following documents:

1. Letter of Interest
2. Resume
3. Three References with complete contact information

Screening of Applications Begins:

Immediately and continues until position is filled.

Anticipated Hiring Pay Range:

$120,000-$150,000

Equal Employment Opportunity:

Kansas State University is an Equal Opportunity Employer. All applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, gender identity, age, national origin, disability or status as a protected veteran.

Background Screening Statement:

In connection with your application for employment, Kansas State University will procure a Background Screen on you as part of the process of considering your candidacy as an employee.