Director,Governance, Risk and Compliance

Director, Governance, Risk and Compliance

Location:

Kennesaw, Georgia

Job

Regular / Full‑time, Regular

Join Kennesaw State University, one of the 50 largest public institutions in the country, offering more than 190 undergraduate, graduate, and doctoral degrees. KSU values respect, integrity, collaboration, inclusivity, and accountability.

Leads enterprise‑wide IT risk management, compliance, and governance initiatives. Ensures strategic regulatory alignment, supports audit readiness, and drives resilience across cloud and research environments. Manages staff and collaborates with stakeholders to build and execute security and compliance strategies.

• Lead the implementation and optimization of GRC platforms (e.g., Apptega)
• Develop and apply risk quantification methodologies
• Ensure compliance with cybersecurity frameworks including CIS
  18 v8.1, NIST CSF, 800‑171, etc.
• Manage third‑party risk assessments using Bit Sight, Security Scorecard, or similar system
• Collaborate on governance of restricted research environments (CUI, HIPAA) and drive cloud security compliance, focusing on Microsoft Azure
• Coordinate internal and external audit evidence collection, workflow automation, and reporting
• Communicate IT risks effectively across technical and non‑technical audiences, develop remediation recommendations and plans
• Support business continuity and disaster recovery planning
• Partner with stakeholders to develop and execute security plans

Bachelor’s degree in Computer Science or related field from an accredited institution.

8 years in governance, risk and compliance, cybersecurity, or information assurance, including at least 5 years of leadership and team‑management experience.

CRISC, CGRC, CISSP, CISA, or equivalent.

Experience in higher‑education information security or regulated industries such as healthcare, energy, or federal government is a plus.

Advanced degree in Cybersecurity, Information Security, Computer Science, or related field.

1‑Ability:
Handle multiple tasks or projects while meeting deadlines; 2‑Ability:
Communicate and engage stakeholders; 3‑Ability:
Anticipate compliance needs like an auditor; 4‑Ability:
Build trust and alignment; 5‑Ability:
Lead a high‑performing GRC team; 6‑Ability:
Navigate regulatory environments; 7‑Ability:
Execute strategic planning; 8‑Ability:
Manage audit response; 9‑Ability:
Coordinate business continuity and disaster recovery.

• CIS
  18 v8.1 and NIST frameworks
• HIPAA and CUI compliance in research settings
• Cloud security governance (Azure)
• Risk quantification and third‑party risk tools (Bit Sight, Security Scorecard)
• Strategic planning and execution
• Audit response and evidence management
• Business continuity and disaster recovery coordination

Excellent interpersonal, initiative, teamwork, problem solving, independent judgment, organization, communication, time management, project management, and presentation skills; proficient with Microsoft Office; strong attention to detail, follow‑up, and customer service; phone and email etiquette.

• This is a supervisory position.
• Position has financial responsibilities.
• Required to drive performance.
• Considered a position of trust.
• No purchasing card required.
• May travel 1%‑24% of the time.
• Background check includes credit report, standard enhanced, education, DMV.

Kennesaw State University is an Equal Employment Opportunity Employer. The University prohibits harassment and discrimination of any type. For additional information, contact the Office of Institutional Equity.