Kansas State University · 6 hours ago
Director III, Info Technology
Manhattan, KS
Full-time
Onsite
Director/Executive
$110K/yr - $140K/yr
10+ years expKansas State University is seeking a Director of Data Protection, Privacy, and Risk to manage the organization’s IT risk management and cybersecurity governance program. The role involves overseeing IT risk assessment, data protection, compliance monitoring, and security policy development.
EducationSocial EntrepreneurshipUniversities
No H1B
Responsibilities
Establishing, implementing, and managing the organization's IT risk management and cybersecurity governance program
Overseeing IT risk assessment
Data protection including privacy
Third-party risk management (including supply chain security)
Compliance monitoring
Security policy development
Security awareness training
Security exception management
Qualification
Required
Requires a high school diploma (or equivalent) and ten years of relevant experience in a combination of the following: IT risk management and leadership, cybersecurity governance and compliance and/or developing and delivering security programs at scale
Candidates must be legally authorized to work in the U.S. on an ongoing basis without sponsorship
Preferred
Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or related field
Minimum of 8 years of progressive experience in IT risk management, cybersecurity governance, compliance, or related fields
Minimum of 3 years of supervisory or team leadership experience
Demonstrated expertise in IT risk assessment methodologies and frameworks (NIST CSF, ISO 27001/27005, FAIR)
Strong understanding of cybersecurity principles, technologies, and threat landscape
Experience with regulatory compliance requirements relevant to the organization
Master's degree in Cybersecurity, Information Systems, Risk Management, or MBA
Professional certifications such as CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), CGRC (Certified GRC Professional), or CISA (Certified Information Systems Auditor)
Demonstrated success building IT risk management or GRC programs from inception
Extensive experience with third-party risk management and supply chain security
Experience in higher education, healthcare, financial services, or similarly regulated industry
Strong knowledge of privacy regulations (GDPR, CCPA, HIPAA), compliance frameworks (SOC 2, ISO 27001, Secure Control Framework), and regulatory requirements (PCI DSS, GLBA, FERPA, CMMC)
Experience with GRC platforms and risk management tools
Proven ability to communicate complex technical risks to non-technical executives and board members
Experience developing and delivering security awareness programs at scale
Strong project management skills and experience leading cross-functional initiatives
Must maintain currency with evolving cybersecurity threats, regulations, and industry best practices
Strong analytical skills with ability to synthesize complex technical information into executive communications
Excellent written and verbal communication skills with ability to influence stakeholders at all levels
Ability to work independently and manage multiple priorities in a dynamic environment
Strong business acumen and ability to balance security requirements with operational needs
Company
Kansas State University
Kansas State University, commonly shortened to Kansas State or K-State, is a public research university.
5001-10000 employees
Funding
Current Stage
Late StageTotal Funding
$7.55MKey Investors
Kauffman FoundationUS Department of EnergyUS Department of Commerce, Economic Development Administation
2025-05-08Grant
2024-08-27Grant· $7M
2024-02-26Grant
Leadership Team
Alysia Starkey
CEO and Dean
Amy Yersavich
Technical Assistance to Brownfields (TAB) Partner
Recent News
The Journal Record
2025-11-08
Press Telegram
2025-11-03
Company data provided by crunchbase