Located in a historic neighborhood in the nation's capital, Georgetown offers rigorous academic programs, a global perspective, exciting ways to take advantage of Washington, D.C., and a commitment to social justice. Our community is a tight knit group of remarkable individuals interested in intellectual inquiry and making a difference in the world.

Requirements

Regulated Data Program Manager - University Information Services – Georgetown University

Job Overview

The Regulated Data Program Manager is responsible for securing and monitoring all data accessed, transmitted and stored throughout the institution and third party suppliers. They ensure compliance throughout the entire data lifecycle, from inception through disposal, ensuring access to data is managed and maintained following rigorous security, engineering and governance principles.

They work closely with business units and stakeholders to help with data access, ownership and enforcement of policies, rules and safeguards; and collaborate with team members, cybersecurity operations/responders and third parties; and apply their technical proficiency to data protection technologies, including data loss prevention (DLP), cloud access security broker (CASB), data classification, privacy, behavior analytics, encryption and cyber risk principles.

As well, they collaborate with technical and non-technical teams to design, implement and manage data protection processes that reduce risks from noncompliance with regulations, cyber threats and data breaches.

Knowledgeable about cybersecurity frameworks, data storage and identity and access management, and adept at understanding security architecture with internal and hosted services, they provide continual assessment and validation of controls to ensure protection aligns with policies, procedures and risk oversight.

Additionally, the Regulated Data Program Manager works closely with institution stakeholders, contractual and legal points of contact, incident response and cybersecurity operations center staff, and network operations staff.

Candidate  Qualifications

Capability of working with diverse teams and promoting an enterprise-wide positive security culture.Excellent judgment and the ability to make quick decisions when working with complex situationsSelf-starter requiring minimal supervisionOutstanding written and verbal, business and cybersecurity communication skillsHighly organized and efficient, with strong project management, multitasking and organizational skills, and ability to prioritize and complete tasks within defined SLAsDemonstrated understanding and comprehension of a wide range of network and host cybersecurity solutions.Ability to motivate teammates to achieve excellence and willingly shares knowledge.Ability to maintain a high degree of integrity, trustworthiness and confidence; represents the organization and its management team with the highest level of professionalism.Trustworthy and leads by example for others to follow.Track record of successful personnel management.

Position Requirements

Experience managing a regulated data management program and leading technical teams.Excellence in communicating business risk from cybersecurity topics.Strong understanding and demonstrated use of best practices following NITTF, NIST and CERT guidance.Proficiency with driving measurable improvement in detection and response capabilities at scale.Experience managing SIEM, UEBA, IAM, vulnerability management, data loss prevention (DLP), threat intelligence, MITRE ATT&CK framework mapping, security orchestration automation and response (SOAR), and other network and system monitoring tools.Proficiency with security analytics and data lifecycle and retention principles.Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating well.Highly-effective, action-oriented communication up and down the leadership scaleAnalytical and problem-solving mindset.Strategic and tactical thinking, along with decision-making skills.Understanding of one or more of the following: Data Use Agreements (DUAs), ISO 27001, NIST, PCI, HIPAA/HITECH, GDPR, CIS Benchmarks

Experience

3 to 5+ years of cybersecurity or information technology practitioner experience2+ years of related security systems administration with data protection management solutions – preference for some experience with endpoint, network or application security solutionsFamiliarity with administering directory services, databases, role-based access, DLP, data classification and governance solutionsPreference for at least 2+ cloud computing - e.g., Amazon Web Services, Google Cloud Platform or Microsoft Azure) security configuration experiencePreference for 3-5+ years’ experience in security systems administration, with 2+ years’ technical hands-on data protection practitioner experience.Preference for familiarity with regulatory requirements and laws, such as Payment Card Industry (PCI), Federal Education Rights and Privacy Act (FERPA), Gramm-Leach-Bliley Act (GLBA), HIPAA, GDPR, California Consumer Privacy Act (CCPA). Additionally, experience in one or more of the following is required: ISO 17799, ITIL, NIST Cybersecurity Framework (CSF), Defense Federal Acquisition Regulation Supplement (DFARS), DoD Cybersecurity Maturity Model Certification (CMMC).

Education and Certifications

Bachelor's degree in computer science, information assurance, MIS or related field, or equivalentPreference for one or more of CISSP, CIPP, CISA CRISC, CDPSE and GSEC

Work Mode: Telework. Please note that work mode designations are regularly reviewed in order to meet the evolving needs of the University. Such review may necessitate a change to a position’s mode of work designation. Complete details about Georgetown University’s mode of work designations for staff positions can be found on the Department of Human Resources Mode of Work Designation.

Current Georgetown Employees:

If you currently work at Georgetown University, please exit this website and login to GMS (gms.georgetown.edu) using your Net ID and password. Then select the Career worklet on your GMS Home dashboard to view Jobs at Georgetown.

Submission Guidelines:

Please note that in order to be considered an applicant for any position at Georgetown University you must submit a cover letter and resume  for each position of interest for which you believe you are qualified. These documents are not kept on file for future positions.

Need Assistance:

If you are a qualified individual with a disability and need a reasonable accommodation for any part of the application and hiring process, please click here for more information, or contact the Office of Institutional Diversity, Equity, and Affirmative Action (IDEAA) at 202-687-4798 or ideaa@georgetown.edu.

Need some assistance with the application process? Please call 202-687-2500. For more information about the suite of benefits, professional development and community involvement opportunities that make up Georgetown's commitment to its employees, please visit the Georgetown Works website.

EEO Statement:

Georgetown University is an Equal Opportunity/Affirmative Action Employer fully dedicated to achieving a diverse faculty and staff.  All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, national origin, age, sex (including pregnancy, gender identity and expression, and sexual orientation), disability status, protected veteran status, or any other characteristic protected by law.

Benefits:

Georgetown University offers a comprehensive and competitive benefit package that includes medical, dental, vision, disability and life insurance, retirement savings, tuition assistance, work-life balance benefits, employee discounts and an array of voluntary insurance options. You can learn more about benefits and eligibility on the Department of Human Resources website.