Manager, IT Governance, Risk and Compliance
Athabasca University's Department of Information Technology is currently recruiting for a Manager of IT, Governance, Risk and Compliance.
This is a permanent full-time position commencing March 2025.
The Position:
The Manager, IT Governance, Risk & Compliance (GRC) is responsible for overseeing key components of AU's security program, ensuring the protection of its digital assets and infrastructure and ensuring the avoidance or reduction of impact on the university's core operations from cybersecurity threats. This role involves managing the implementation and maintenance of security policies and leading a dedicated team focused on IT governance, risk, compliance, security awareness, and training. The Manager, IT Governance, Risk & Compliance collaborates with various departments and external partners to establish effective security risk management measures, coordinates internal and external audits, and oversees the university-wide information security awareness and training program. This position requires strong leadership skills to mentor and manage the security program team, facilitate knowledge sharing, and ensure continuous improvement in security practices.
Duties and Responsibilities:
Strategic Alignment
- Work with the CISO and leadership team to develop and maintain the university's security program, plans and processes ensuring alignment with the university's strategic direction. Provide quarterly reports on the progress and effectiveness of security initiatives.
- Monitor the progress of the information security plan, ensuring that performance is aligned with the objectives. Make suggestions for changes as needed to maintain alignment.
Leadership and Team Management
- Lead, mentor, and manage the security program team, including providing caring and challenging feedback, to foster an environment of trust and continuous improvement.
- Conduct weekly team meetings to review ongoing projects and address challenges, provide one-on-one mentoring sessions to support team members' professional growth, and implement a feedback system for continuous performance improvement. Track team progress and report monthly on key performance indicators (KPIs).
- Facilitate regular training sessions and mentorship opportunities to promote knowledge sharing and technical and personal development within the team.
- Lead the recruitment process for new staff members or contract outside services to supplement the team's capabilities when needed.
IT Governance, Risk, Compliance and Security Awareness/Training
- Lead the Security GRC Team in establishing operational goals and priorities.
- Oversee the review, implementation and ongoing maintenance of security policies, standards and procedures.
- Work with the CISO's leadership team to define and develop the security program portfolio of services, then oversee its socialization and communication.
- Build, prioritize and maintain business relationships with staff to help ensure security services and processes are well-communicated and integrated within the organization.
- Coordinate and lead meetings with the Security Committee to help ensure good governance of the security program.
- Working with the CISO, lead the maturation of the security risk management strategy, process and program, including maintenance of the cybersecurity risk register and other related artifacts.
- Support the departments and faculties in the identification and assessment of cybersecurity-related risks, working hand in hand to identify mitigation requirements, and ensuring transparency and clarity in the risk management decision-making process.
- Work closely with the Security Operations Manager and CISO to provide a realistic overview of risks and threats to AU. Lead the documentation of security controls and their effectiveness.
- Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
- Coordinate internal and external IT and Security audits, working closely with internal and external audit functions.
- Ensure that implemented controls adequately address security and compliance requirements.
- Oversee the implementation of a university-wide information security awareness and training program.
Collaboration
- Work closely with all departments (IT, University Relations, Enterprise Risk Management, HR, Privacy, Finance, Internal Audit, etc.) and faculties to ensure a cohesive approach to security. Measure the effectiveness of collaborative efforts through inter-departmental feedback and project outcomes.
- Manage the process of gathering, analyzing, and assessing the current and future threat landscape.
Reporting and Metrics
- Work closely with the Security Operations Manager and CISO to develop and report on cybersecurity metrics to Senior Leadership and the Board.
- Generate regular reports on security program activities, goals, and performance metrics for senior management and stakeholders, detailing security program status and providing recommendations for improvements.
Future Readiness
- Stay informed on emerging business functions and technologies that impact information security and incorporate them into the program as needed.
- Propose changes to existing policies, standards and procedures to ensure operating efficiency and regulatory compliance.
- Work with the CISO to develop budget projections based on short and long-term goals and objectives.
The full job description can be viewed at: Manager, IT Governance, Risk and Compliance
Athabasca First
Wherever possible, AU seeks to attract and hire qualified team members to reside in the Athabasca region. We will offer relocation assistance for the right candidate should you decide to relocate to the Town of Athabasca. As a resident of the town or county of Athabasca, you can choose to work on and from our beautiful campus in Athabasca.
To discover the Town and Region of Athabasca, go to: Visit Athabasca.
What AU Offers:
Benefits and Pension eligibility differs based on employee group and may include:
- Defined Benefits Pension Plan
- Alberta Health Care
- Extended Health Care
- Life Insurance, Accidental Death & Dismemberment Insurance
- Disability Coverage
- Vacation
- Office Closure between Christmas and New Year's Day
- Discretionary Benefit Fund
- AU Course Allowance
- A Variety of Leaves (e.g., Maternity/Parental/Adoption, Compassionate Care, etc.)
- Employee & Family Assistance Program (EFAP)
Educational credentials will be verified before an offer of employment is extended. An offer of employment is conditional upon verification of educational credentials.
All educational credentials must be recognized in Canada.
E-Transcripts shared directly from your Post-Secondary Institution via email are acceptable.
WES (https://www.wes.org/ca/) may be used to verify international educational credentials. Processing time for verification of international qualifications may take up to one month; please plan accordingly.
All qualified candidates are encouraged to apply; however, Canadian Citizens and Permanent Residents will be given priority.
Athabasca University is committed to employment equity and encourages applications from women, Indigenous Peoples, persons with disabilities, persons of any sexual orientation, persons of any gender identity and expression, and members of visible minorities.
Where applicants have equal skills, abilities, and experience, candidates residing within or willing to relocate to the County of Athabasca will be given preference.
Working outside of Canada is not supported by Athabasca University. You are legally not permitted to work for Athabasca University if you are living outside of Canada.