Director, Cybersecurity Governance, Risk and Compliance

Current University of Arkansas System employees, including student employees and graduate assistants, need to log in to Workday via MyApps.Microsoft.com, then access Find Jobs from the Workday search bar to view and apply for open positions. Students at University of Arkansas System two-year institutions will also view open positions and apply within Workday by searching for “Find Jobs for Students”.

All Job Postings will close at 12:01 a.m. CT on the specified Closing Date (if designated).

If you close the browser or exit your application prior to submitting, the application process will be saved as a draft. You will be able to access and complete the application through “My Draft Applications” located on your Candidate Home page.
 

Closing Date:

04/04/2025

Type of Position:

IT Security

Workstudy Position:

No

Job Type:

Regular

Work Shift:

Sponsorship Available:

No

Institution Name:

University of Arkansas, Fayetteville

Founded in 1871, the University of Arkansas is a land grant institution, classified by the Carnegie Foundation among the nation’s top 2 percent of universities with the highest level of research activity. The University of Arkansas works to advance Arkansas and build a better world through education, research and outreach by providing transformational opportunities and skills, promoting an inclusive and diverse culture and climate, and nurturing creativity, discovery and the spread of new ideas and innovations.

The University of Arkansas campus is located in Fayetteville, a welcoming community ranked as one of the best places to live in the U.S. The growing region surrounding Fayetteville is home to numerous Fortune 500 companies and one of the nation’s strongest economies. Northwest Arkansas is also quickly gaining a national reputation for its focus on the arts and overall quality of life.

As an employer, the University of Arkansas offers a vibrant work environment and a workplace culture that promotes a healthy work-life balance. The benefits package includes university contributions to health, dental, life and disability insurance, tuition waivers for employees and their families, 12 official holidays, immediate leave accrual, and a choice of retirement programs with university contributions ranging from 5 to 10% of employee salary.

Below you will find the details for the position including any supplementary documentation and questions, you should review before applying for the opening.

If you have a disability and need assistance with the hiring process, please submit a request via the Disability Accommodations | OEOC | University of Arkansas (uark.edu) : Request an Accommodation. Appli­cants are required to submit a request for each position of which they have applied.

For general application assistance or if you have questions about a job posting, please contact Human Resources at 479.575.5351.

Department:

Information Technology Services

Department's Website:

Summary of Job Duties:

The Director, Cybersecurity Governance, Risk, and Compliance (GRC) is a leadership position responsible for overseeing the university's cybersecurity governance, risk management, and compliance programs and associated staff. Reporting to the Chief Information Security Officer (CISO), the GRC Director ensures that the university's information security practices align with regulatory requirements, industry standards, and best practices. This role involves developing and implementing policies, conducting risk assessments, managing compliance initiatives, and fostering a culture of security awareness across the university.

Other duties as assigned.

Regular, reliable, and non-disruptive attendance is an essential job duty, as is the ability to create and maintain collegial, harmonious working relationships with others.

Qualifications:

Minimum Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field

• At least five years of experience in cybersecurity governance, risk management, and compliance, with a minimum of three years in a leadership and management role

• Professional certifications such as CISSP, CISM, CRISC, CGRC, or CISA

• Strong knowledge of information security frameworks, standards, and best practices, as evidenced by application materials

• Experience with risk assessment methodologies and compliance management

• Excellent communication and interpersonal skills, as evidenced by application materials

Preferred Qualifications:

• Master's degree in a related field

• Experience working in a higher education environment

• Additional certifications such as CGEIT, CIPT, or CIPM

• Experience with cloud security and privacy

• Knowledge of data protection regulations such as GDPR, HIPAA, and FERPA

• Proven track record of successfully managing compliance initiatives and risk management programs.

Knowledge, Skills, and Abilities:

• In-depth understanding of cybersecurity governance, risk management, and compliance principles

• Strong understanding of privacy laws and regulations

• Strong analytical and problem-solving skills

• Ability to lead and motivate a team of security professionals

• Excellent project management skills, with the ability to manage multiple projects simultaneously

• Ability to communicate complex security concepts to non-technical stakeholders

• Proven ability to act with a high level of integrity and ethical conduct

Additional Information:

Salary Information:

Commensurate with education and experience

Required Documents to Apply:

Cover Letter/Letter of Application, List of three Professional References (name, email, business title), Resume

Optional Documents:

Proof of Veteran Status

Recruitment Contact Information:

Julia Menke, jmenke@uark.edu, Sr. HR Partner
Crystal Ellis, HR Recruiter, ce031@uark.edu

All application materials must be uploaded to the University of Arkansas System Career Site https://uasys.wd5.myworkdayjobs.com/UASYS  

Please do not send to listed recruitment contact.

Special Instructions to Applicants:

Pre-employment Screening Requirements:

Criminal Background Check, Sex Offender Registry

The University of Arkansas is committed to providing a safe campus community. We conduct background checks for applicants being considered for employment. Background checks include a criminal background check and a sex offender registry check. For certain positions, there may also be a financial (credit) background check, a Motor Vehicle Registry (MVR) check, and/or drug screening. Required checks are identified in the position listing. A criminal conviction or arrest pending adjudication or adverse financial history information alone shall not disqualify an applicant in the absence of a relationship to the requirements of the position. Background check information will be used in a confidential, non-discriminatory manner consistent with state and federal law.

The University of Arkansas seeks to attract, develop and retain high quality faculty, staff and administrators that consistently display practices and behaviors to advance a culture that embeds inclusion, opportunity, educational excellence and unparalleled access for all.

The University of Arkansas is an equal opportunity institution. The University does not discriminate in its education programs or activities (including in admission and employment) on the basis of any category or status protected by law, including age, race, color, national origin, disability, religion, protected veteran status, military service, genetic information, sex, sexual preference, or pregnancy. Federal law prohibits the University from discriminating on these bases. Questions or concerns about the application of Title IX, which prohibits discrimination on the basis of sex, may be sent to the University's Title IX Coordinator and to the U.S. Department of Education Office for Civil Rights.

Persons must have proof of legal authority to work in the United States on the first day of employment.

All application information is subject to public disclosure under the Arkansas Freedom of Information Act.

Constant Physical Activity:

N/A

Frequent Physical Activity:

N/A

Occasional Physical Activity:

N/A

Benefits Eligible:

Yes