Job Details

Smith College
  • Position Number: 3061885
  • Location: Northampton, MA
  • Position Type: Business - Information Systems and Technology
Job Summary

Reporting to the Vice President for Information Technology/Chief Information Officer, the Senior Director for IT Risk Management leads information technology risk management functions and serves on the senior leadership team in the Information Technology Services (ITS) department. In this highly collaborative role, the senior director leads planning and assessment for information technology risk management, spanning security, compliance, technical systems, policies, and services. In partnership with other campus IT leaders and service owners, the senior director ensures that campus IT systems and services employ robust and effective information security procedures, protocols and practices appropriate for the higher education context. The senior director conducts periodic reviews of emerging and industry-leading information security approaches and advises on appropriate directions for secure management, support and delivery of college IT services. The Senior Director oversees IT-related compliance and data privacy efforts and leads related planning, in partnership with IT leadership colleagues. The Senior Director is responsible for the planning, assessment and delivery of training and user education related to information security and compliance, in close collaboration with the senior director of IT change management and other ITS and campus partners. This position will also be expected to take appropriate actions to support a diverse workforce and participate in the College\\\'s efforts to create a respectful, inclusive, and welcoming work environment.

The IT group at Smith is a very engaged community of partners around campus, and a vibrant professional network in the Five Colleges consortium. The administration and board of trustees take risk management seriously and there is much support for the work the person in this role will lead and influence, with many opportunities for growth and positive impact.

Essential Functions

Leadership:

Participate in ITS leadership groups and contribute to strategic, organizational and budget planning for information technology, focused on excellence, effectiveness, innovation, and collaboration. Participate in formal and informal college leadership and governance mechanisms for information technology as assigned.

Management:

Lead, develop, assess, and (in selected areas) co-manage the college's approaches to information security, data privacy, and related compliance mechanisms. Partner with ITS leadership team members and other colleagues who are responsible for direct management and support of IT services to design service delivery practices that are robust and effective from the IT risk management perspective and that ensure business continuity. Manage periodic internal and external reviews of the college's IT risk management practices and readiness; develop and oversee action plans informed by the results of those reviews. Supervise external resources and (where relevant) student workers, casual employees and staff assigned to IT risk management service teams and projects. Develop and implement outreach programs, training strategies and project plans associated with IT risk management priorities, policies, and principles. Lead cross-functional projects connected to the college's information security, compliance and data privacy needs. Coordinate selected sensitive and confidential IT risk management matters. Coordinate with consortial and industry partners on projects, assessments and planning related to the college's IT risk management obligations.

Professional engagement & subject matter expertise:

Maintain expert-level knowledge of technical approaches to information security. Maintain expert-level knowledge of data privacy and compliance frameworks. Calibrate IT risk management protocols, practices and procedures for fit and feasibility in the higher education context. Represent the college and higher education perspectives in technical and industry organizations focused on information security, data privacy, and compliance.

Other Functions

All employees are expected to participate in the College\\\'s efforts to create a respectful, inclusive, and welcoming work environment.

Minimum Qualifications

(knowledge, skills, education, experience, certifications, licenses)

Education/experience: Bachelor's degree or equivalent experience, with at least 7-10 years of progressively responsible experience in technical and team management. Expert-level technical and administrative knowledge of the information technology sector as it pertains to security, compliance, and data privacy regulations, frameworks, and practices. Experience working with individuals from diverse backgrounds.

Skills

  • Expert knowledge in information security practices for a range of technical systems and infrastructure, hosting models, and scale.

  • Expert knowledge in compliance and data privacy regulations and frameworks.

  • Ability to assess information security options, calibrate for higher education culture and practices.

  • Ability to connect to and stay on top of rapidly evolving frameworks, expectations and regulatory contexts.

  • Demonstrated ability to lead change and influence technical practice in highly matrixed technical organizations and cross-functional teams.

  • Ability to think and assess strategically in organizational and technical systems spheres.

  • Ability to apply critical, analytical and innovative thinking to work and align team members' work with institutional and departmental priorities.

  • Ability to assess enterprise technical needs, successfully manage projects, prioritize work, and identify and solve problems in a timely and constructive manner.

  • Excellent written and oral communication skills.

  • Demonstrated skill in managing teams that collaborate across departments in agile, fast-changing environments.

  • Demonstrated continuous learning of new skills, their application and sharing with colleagues.

To apply, visit: https://smithcollege.wd5.myworkdayjobs.com/en-US/smithcollege/job/Smith-College/Senior-Director--IT-Risk-Management_R-202200270

Additional Information

This is a hybrid position.

For the care and safety of our community, Smith College requires that all employees be vaccinated as a condition of employment and as such, the incumbent will be required to be immunized against COVID-19 on or before their first day of employment. Proof of vaccination status will be required. Individuals may seek medical or religious exemption with HR, but must do so prior to their arrival.




jeid-78ddec0637fa364db41630edeb251d9f

By continuing to use our site, you agree to our Terms of Service and Privacy Policy. Learn more about how we use cookies by reviewing our Cookie Policy.