We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results
New

Information Technology Project Manager (Governance, Risk, and Compliance)

Georgia Tech
United States, Georgia, Atlanta
Jul 18, 2026
Apply for Job
Job ID
301211
Location
Atlanta, Georgia
Full/Part Time
Full-Time
Regular/Temporary
Regular
Add to Favorite Jobs
Email this Job
About Us

Overview
Georgia Tech prides itself on its technological resources, collaborations, high-quality student body, and its commitment to building an outstanding and diverse community of learning, discovery, and creation. We strongly encourage applicants whose values align with our institutional values, as outlined in our Strategic Plan. These values include academic excellence, diversity of thought and experience, inquiry and innovation, collaboration and community, and ethical behavior and stewardship. Georgia Tech has policies to promote a healthy work-life balance and is aware that attracting faculty may require meeting the needs of two careers.

About Georgia Tech
Georgia Tech is a top-ranked public research university situated in the heart of Atlanta, a diverse and vibrant city with numerous economic and cultural strengths. The Institute serves more than 45,000 students through top-ranked undergraduate, graduate, and executive programs in engineering, computing, science, business, design, and liberal arts. Georgia Tech's faculty attracted more than $1.4 billion in research awards this past year in fields ranging from biomedical technology to artificial intelligence, energy, sustainability, semiconductors, neuroscience, and national security. Georgia Tech ranks among the nation's top 20 universities for research and development spending and No. 1 among institutions without a medical school.

Georgia Tech's Mission and Values
Georgia Tech's mission is to develop leaders who advance technology and improve the human condition. The Institute has nine key values that are foundational to everything we do:
1. Students are our top priority.
2. We strive for excellence.
3. We thrive on diversity.
4. We celebrate collaboration.
5. We champion innovation.
6. We safeguard freedom of inquiry and expression.
7. We nurture the wellbeing of our community.
8. We act ethically.
9. We are responsible stewards.

Over the next decade, Georgia Tech will become an example of inclusive innovation, a leading technological research university of unmatched scale, relentlessly committed to serving the public good; breaking new ground in addressing the biggest local, national, and global challenges and opportunities of our time; making technology broadly accessible; and developing exceptional, principled leaders from all backgrounds ready to produce novel ideas and create solutions with real human impact.

The Office of Information Technology (OIT) provides information technology leadership and support to the Georgia Institute of Technology, working in partnership with academic and business units to meet the unique needs of a leading research university. OIT serves as the primary source of enterprise-wide information technology and telecommunications services in support of students, faculty, staff, and researchers.

Location

Atlanta, Georgia (In Person Work, in the office)

Department Information

Ideal Candidate Profile

The ideal candidate is not solely an auditor, project manager, or compliance administrator. Georgia Tech is seeking a senior GRC practitioner who can independently assess current-state capabilities, design practical future-state processes, influence stakeholders without direct authority, and execute meaningful improvements in a complex institutional environment.

An exceptional candidate will be able to:

  • Build and mature GRC programs, not merely operate them.
  • Evaluate risk and compliance posture across multiple regulatory and control domains.
  • Design practical, risk-based processes that reduce burden while improving assurance.
  • Improve vendor and technology risk review processes so they are more consistent, efficient, and valuable to the institution.
  • Develop credible AI governance and AI risk management capabilities.
  • Produce executive-ready recommendations, roadmaps, dashboards, and decision materials.
  • Navigate ambiguity, competing priorities, and decentralized decision-making.
  • Balance cybersecurity risk management with Georgia Tech's academic, research, administrative, and innovation missions
Job Summary

Direct the planning, execution and completion of large scale, technically complex programs and projects. Provide project management leadership for one or more multi-disciplined project teams comprised of technical and subject matter experts, engineers and project managers working in different phases of unrelated projects. Responsible for setting employee goals, assessing employee performance, providing feedback, and making pay recommendations. This position will interact on a consistent basis with: project team members, department heads and managers within OIT and other academic and business offices across campus; contractors and consultants. This position typically will advise and counsel: OIT management, user department heads. This position will supervise: Project team members.

Responsibilities

Job Duty 1 -
Lead project teams through planning, assigning and overseeing diverse activities; define project goals, objectives, scope and estimates of schedules, resources and costs involving multiple projects being conducted simultaneously.

Job Duty 2 -
Direct project execution through continual coordination of planning, tasking, performance reporting, change control and issue management.

Job Duty 3 -
Confer with functional users within an assigned business or service area to develop plans to address business needs; develop and implement change management strategies.

Job Duty 4 -
Initiate communications among project teams, customers and appropriate levels of management.

Job Duty 5 -
Deliver project status reports and presentations.

Job Duty 6 -
Develop and manage project budgets.

Job Duty 7 -
Manage acquisition of project related goods and contract services.

Job Duty 8 -
Provide mentoring, training and career guidance for team members.

Job Duty 9 -
Perform other duties as assigned

Responsibilities

The GRC Program Manager will:

  • Lead the strategic maturation of Georgia Tech's cybersecurity GRC function by applying advanced program management skills, regulatory and compliance expertise, and substantial practical experience in cyber risk and control governance.
  • Define and maintain a cybersecurity GRC roadmap, operating model, process architecture, maturity targets, and success measures.
  • Serve as a trusted advisor to cybersecurity leadership and institutional stakeholders on cyber risk, compliance, governance, control assurance, technology adoption, and emerging GRC issues.
  • Maintain governance structures supporting cyber risk decision-making, escalation, prioritization, accountability, and executive oversight.
  • Oversee control framework management, including control libraries, control mappings, evidence standards, assessment approaches, and issue remediation governance.
  • Evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen Georgia Tech's cybersecurity risk posture and regulatory readiness.
  • Oversee cyber due diligence and ongoing risk monitoring for third-party vendors, SaaS providers, cloud services, partners, and other strategic technology providers.
  • Lead development of AI-focused cybersecurity GRC capabilities supporting Georgia Tech's instructional, research, administrative, and operational functions.
  • Develop executive-level reporting, dashboards, and briefings that provide meaningful insight into risk posture, control effectiveness, compliance readiness, issue remediation, and program maturity.
  • Support audit, regulatory, and assurance activities by coordinating evidence, control narratives, issue remediation, and management responses.
  • Identify opportunities to improve operational efficiency, reduce duplicative effort, automate repeatable GRC tasks, and responsibly apply AI or analytics to improve GRC program effectiveness.
  • Foster cross-functional collaboration across cybersecurity, IT, legal, privacy, procurement, internal audit, compliance, research administration, data governance, accessibility, and other institutional stakeholders.
  • Translate complex cybersecurity, regulatory, and technology risk issues into clear business terms for senior leaders, decision-makers, and non-technical stakeholders.
Required Qualifications

Educational Requirements
Bachelor's Degree or an equivalent combination of education and experience

Required Experience
Eight years job related experience

Required Qualifications

The successful candidate will have:

  • Bachelors degree in cybersecurity, information systems, business administration, public policy, risk management, computer science, or a related field.
  • 10+ years of progressively responsible experience in cybersecurity, governance, risk management, compliance, audit, technology risk, or a related discipline.
  • Proven experience building, transforming, maturing, modernizing, and materially uplifting cyber GRC programs in financial services, higher education, healthcare, government, technology, consulting, or other regulated sectors.
  • Demonstrated deep GRC expertise, including controls, risks, testing approaches, evidence standards, control mapping, issue management, risk registers, POA&Ms, policy governance, vendor risk, and continuous monitoring.
  • Hands-on implementation, assessment, or program leadership experience across multiple frameworks or regulatory domains, such as SOC 2, ISO 27001/27701, HIPAA, PCI-DSS, NIST, FERPA, GLBA, NIST Cybersecurity Framework, NIST SP 800-53, GDPR, or comparable requirements.
  • Familiarity with applying AI, machine learning, analytics, or automation tools to GRC, risk management, compliance, audit, or operational workflows.
  • Strong analytical and detail-oriented skills, including precise control wording, accurate requirement mapping, evidence specificity, issue documentation, and comfort working with spreadsheets and large data sets.
  • Strong program management instincts, including the ability to define process, structure ambiguity, drive prioritization, track execution, and foster cross-functional collaboration.
  • Demonstrated ability to communicate clearly and persuasively with senior leaders, technical teams, auditors, business stakeholders, and institutional partners.
  • Ability to think strategically about institutional risk while connecting those risks to practical operational activities, controls, and decisions.
  • Self-motivated, adaptable, and comfortable operating with a high degree of independence in a complex, decentralized environment.
Preferred Qualifications

Additional Preferred Qualifications
Project Management Institute/Project Management Professional; Building Industry Consulting Service International (BICSI)

Preferred Educational Qualifications
Master's Degree

Preferred Experience
Seven or more years of job-related experience

Preferred Qualifications

Preferred qualifications include:

  • Advanced degree in cybersecurity, information systems, public policy, law, business administration, risk management, or a related field.
  • Experience in higher education, academic medical, research, government, consulting, financial services, or similarly complex regulated environments.
  • Experience developing or operating integrated technology risk review, third-party risk, SaaS review, cloud review, or institutional technology approval processes.
  • Experience developing AI governance, responsible AI, AI risk management, model risk, or AI-enabled technology review processes.
  • Experience with GRC platforms such as ServiceNow GRC/IRM, Onspring, RSA Archer, OneTrust, MetricStream, AuditBoard, LogicGate, or similar tools.
  • Experience with cloud and SaaS security risk assessment.
  • Experience developing executive dashboards, risk reporting, control assurance metrics, audit readiness reporting, or compliance maturity reporting.
  • Experience collaborating with privacy, legal, procurement, accessibility, data governance, export control, research security, internal audit, or institutional compliance stakeholders.
  • Experience in decentralized organizations where influence, relationship-building, and stakeholder engagement are essential to program success.
Proposed Salary

$112,410-$130,000, depending on experience and preferred skills.
Knowledge, Skills, & Abilities

ABILITIES
Strong ability to manage and maintain effective working relationships with a diverse population, perform and effectively, make important decisions under pressure, communicate complex technical subjects to non-technical audiences, and effectively manage/direct team

KNOWLEDGE
Advanced knowledge in the application of information security concepts, principles and practices; expert knowledge translating legal and regulatory requirements into security controls; strong knowledge designing security controls to meet regulatory compliance requirements, provide training, and lead change and adoption; network security applications, and common internet protocols and applications

SKILLS
This job requires highly seasoned skills in project management, budget administration, written and spoken communications, negotiating, staff supervision and public sector acquisitions. Expert knowledge of technical concepts, capabilities and limitations for a broad range of technologies or solutions is required as is an in-depth understanding of matrix management concepts.

USG Core Values

The University System of Georgia is comprised of our 25 institutions of higher education and learning as well as the System Office. Our USG Statement of Core Values are Integrity, Excellence, Accountability, and Respect. These values serve as the foundation for all that we do as an organization, and each USG community member is responsible for demonstrating and upholding these standards. More details on the USG Statement of Core Values and Code of Conduct are available in USG Board Policy 8.2.18.1.2 and can be found on-line at https://www.usg.edu/policymanual/section8/C224/#p8.2.18_personnel_conduct.

Additionally, USG supports Freedom of Expression as stated in Board Policy 6.5 Freedom of Expression and Academic Freedom found on-line at https://www.usg.edu/policymanual/section6/C2653.

Equal Employment Opportunity

The Georgia Institute of Technology (Georgia Tech) is an Equal Employment Opportunity Employer. The Institute is committed to maintaining a fair and respectful environment for all. To that end, and in accordance with federal and state law, Board of Regents policy, and Institute policy, Georgia Tech provides equal opportunity to all faculty, staff, students, and all other members of the Georgia Tech community, including applicants for admission and/or employment, contractors, volunteers, and participants in institutional programs, activities, or services. Georgia Tech complies with all applicable laws and regulations governing equal opportunity in the workplace and in educational activities.

Equal opportunity and decisions based on merit are fundamental values of the University System of Georgia ("USG") and Georgia Tech. Georgia Tech prohibits discrimination, including discriminatory harassment, on the basis of an individual's race, ethnicity, ancestry, color, religion, sex (including pregnancy), national origin, age, disability, genetics, or veteran status in its programs, activities, employment, and admissions. Further, Georgia Tech prohibits citizenship status, immigration status, and national origin discrimination in hiring, firing, and recruitment, except where such restrictions are required in order to comply with law, regulation, executive order, or Attorney General directive, or where they are required by Federal, State, or local government contract.

Other Information

This is not a supervisory position.
This position does not have any financial responsibilities.
This position will be required to drive.
This role is not considered a position of trust.
This position does not require a purchasing card (P-Card).
This position will not travel
This position does not require security clearance.

Other Information

Preferred Certifications

One or more of the following certifications is preferred:

  • CRISC
  • CGRC
  • CISSP
  • CISA
  • CISM
  • CGEIT
  • ISO 27001 Lead Implementer or Lead Auditor
  • PCI ISA, PCIP, or QSA
  • Other comparable governance, risk, compliance, audit, privacy, cloud security, or cybersecurity certifications
Background Check

Successful candidate must be able to pass a background check. Please visit https://usg.policystat.com/policy/19298143/latest/

Applied = 0

(web-77cf7d65c7-wz29x)