IT Performance and Risk Management Manager

About The Position

Requirements

• Bachelor’s degree in a related field.
• Three (3) years of experience in compliance, risk, governance of IT systems.
• Three (3) years of experience across IT domain such as application development, infrastructure, technical support and operations, or continuity of business which includes two (2) years of experience in a supervisory role, or ten (10) years of any combination of education, experience or training.

Nice To Haves

• Masters degree in a related field
• Risk Management certification
• Experience with helping organizations set up standards and best practices for IT risk management frameworks.
• Experience using Strategic Portfolio Management tools such as ServiceNow and SharePoint.
• Experience with compliance and risk management.

Responsibilities

• Establishes IT policies, processes, and methods to evaluate technology risks, address audit issues, and execute proactive compliance monitoring in alignment with the University, UT System, and State policies.
• Advises and educates IT leadership and business partners on the implementation of compliance programs to mitigate risks.
• Assist the IT organization in documenting the controls related to relevant risk, compliance with laws and regulations, internal controls, and operational processes.
• Manages the effectiveness of the IT Risk Management framework and drives continuous improvement efforts to enhance risk management and compliance practices.
• Ensures that risk and compliance issues are managed and evaluated in a timely manner.
• Monitors, measures, and reports internal compliance issues, recommending strategy, resources, and implementation to achieve compliance.
• Assists in the development and monitoring of IT performance metrics that assess compliance and risks and implement any necessary improvements.
• Engages Information Security and Internal Audit partners to efficiently ensure compliance regulatory/statutory requirements.
• Monitors, measures, and reports on the Unit Effectiveness Process (UEP) including assessment plan and results of assessment.
• Ensures the department services are meeting the intended outcomes defined on the UEP.
• Develops and lead the strategy, roadmap, and implementation plan for an enhanced IT Asset Management function.
• Establishes the right policies, processes and systems supporting the IT Asset management function to optimize asset usage to the organization.
• Manages the lifecycle of IT assets (hardware and software) to reduce risk to the university associated with loss (hardware) or improper use (software licenses).
• Ensures that appropriate resources (people, tools, services) and processes are in place to gather and analyze data relating to technology asset life cycles.
• Establish and monitor key risk/performance indicators (KRIs & KPIs) and ensure compliance with relevant laws, regulations, and industry standards.
• Oversees remediation of digital technology asset-related risks and progress of optimization activity.
• Oversees the organization’s response to software vendor license compliance audits or license validation requests, in collaboration with the vendor management team.
• Stays current on industry best practices, emerging technologies, and regulatory requirements related to hardware and software IT asset risk management.
• Provides ongoing coaching and mentoring to IT Performance and Risk Management staff for professional development and performance.
• Oversee hiring, onboarding, and training for IT Performance and Risk Management staff.
• Oversees the IT organization accessibility policy, including a compliance plan that aligns to statewide EIR accessibility law and administrative rules.
• Provides leadership and guidance to ensure compliance and promote EIR accessibility for the IT organization.
• Educates the IT organization about the requirements to support EIR accessibility.
• Partners with the vendor management team to ensure accessibility requirements are incorporated into procurement processes.
• Performs other duties as assigned