Information Security Governance, Risk, And Compliance (GRC) Consultant

Overview

On Site
USD 70.00 - 75.00 per hour
Contract - W2

Skills

Information Security Governance
Data Security
Risk Assessment
Business Continuity Planning
Oracle Linux
ISO 9000
Roadmaps
Reporting
Gap Analysis
Data Governance
Privacy
Collaboration
Corrective And Preventive Action
Disaster Recovery
Security Awareness
Gramm-Leach-Bliley Act
Regulatory Compliance
Auditing
ISO/IEC 27001:2005
HIPAA
Management
Testing
Recovery
Policies and Procedures
Facilitation
Risk Management
Higher Education
CISA
CISM
IT Governance
CISSP
SAP GRC
Legal
Leadership
Project Management
Communication
Presentations
Organized
Taxes
Life Insurance
Business Transformation
Law

Job Details

TEKsystems is seeking a highly experienced Data Privacy/GRC Consultant to enhance the client's data protection, data privacy, and disaster recovery readiness programs. Responsibilities include data discovery, evaluating regulatory alignment with privacy regulations such as FERPA, GLBA, HIPAA, and GDPR, and updating the privacy and security policies within the organization.
This is a fully remote position on a W2 Contract with TEKsystems. It will operate within Pacific Standard Time (PST). Candidates in PST, MST, and CST time zones are preferred. The ideal candidate will have all the necessary experience and be located in Los Angeles, CA or California, but the client is open to other areas of the country. Candidates with a higher education GRC background, CIPP, and FERPA-specific experience are highly preferred.
Contract length is expected to go through the remainder of 2025 with a high likelihood of extending in 6-month increments to 2026.
Title: Data Privacy/GRC Consultant

Top Skills' Details
  1. Regulatory Compliance & Data Privacy Expertise - To assess alignment with FERPA, GLBA, HIPAA, GDPR, and guide remediation efforts.
  2. Risk Assessment & Audit Readiness - To conduct internal audits, support external audits, and develop effective mitigation strategies.
  3. Disaster Recovery & Business Continuity Planning - To update, test, and execute DR/BC plans, ensuring organizational resilience.

Description
The higher education client is seeking an experienced Governance, Risk, and Compliance Consultant to support its ongoing efforts in (1) compliance and risk, (2) audit and assessment, (3) Disaster Recovery readiness, (4) Governance.
This role will work under the direction of the CIO and in collaboration with the ISO and ITS departments to evaluate the university's adherence to privacy laws, identify sensitive data assets, and develop a strategic roadmap for risk reduction and compliance. The consultant will LEAD a cross-departmental data discovery initiative and assess current control effectiveness for sensitive and regulated data in alignment with FERPA, GLBA, HIPAA, and CCPA (or GDPR).
The Consultant will also assess the client's DR capabilities, identify gaps and organize tabletop exercises and a full recovery test.
Scope of Work:
Compliance and Risk - must be capable of managing the entire effort. No comprehensive program exists for this client today.
Lead the data discovery process to identify and map sensitive and regulated data across all departments and data systems.
Categorize data types and classify them according to sensitivity, regulatory scope, and business criticality.
Evaluate the higher education client's current alignment with FERPA, GLBA, HIPAA, and CCPA (or GDPR) regulations
Assess current administrative, technical, and physical controls in place to protect sensitive data
Identify gaps in compliance or control maturity and develop a remediation roadmap with prioritized actions.
Collaborate closely with ITS, Legal, Risk Management, and departmental stakeholders to gather requirements and validate findings.
Deliver an assessment report with detailed gap analysis and prioritized recommendations to remediate gaps
Provide guidance on best practices for data minimization, retention, and classification.
Support the reboot of the Data Governance and Privacy Working Groups with input and alignment recommendations.
Document policies and procedures or recommend updates where necessary.
Assist in preparing summary reports and presentations for senior leadership and auditors.
Review and assess vendor data privacy policies as outlined in existing contracts, identify risks and get vendors into compliance
Audit and Assessment
Support internal and external audits by coordinating evidence gathering, facilitating auditor interviews, and addressing audit findings through detailed management responses and effective mitigation strategies.
Conduct internal security audits and readiness assessments aligned with NIST, ISO 27001, and HIPAA frameworks; analyze findings and collaborate with stakeholders to develop corrective action plans.
Disaster Recovery
Facilitate updates to the university's Disaster Recovery (DR) plans and procedures
Perform a tabletop exercise of the university's BC/DR plan/procedures
Develop a prioritized action plan based on tabletop exercise findings
Plan and facilitate a full recovery of DR Data and Systems (Summer 2025)
Governance
Establish and maintain policies, standards, and guidelines aligned with regulatory and business requirements.
Facilitate governance boards, steering committees, and executive briefings to promote top-down security awareness and direction.
Experience:
Deep understanding of FERPA, GLBA, HIPAA, and GDPR
Ability to assess compliance gaps and recommend remediation strategies.
Experience with data classification, retention, and minimization best practices.
Proficiency in conducting internal audits and readiness assessments using frameworks like NIST, ISO 27001, and HIPAA.
Skilled in coordinating with auditors, gathering evidence, and crafting effective management responses.
Experience developing and testing DR/BC plans, including tabletop exercises and full recovery simulations.
Ability to translate findings into actionable, prioritized recovery plans.
Strong background in establishing governance frameworks, policies, and procedures.
Skilled in facilitating governance boards and aligning stakeholders across departments.
Ability to work closely with ITS, Legal, Risk Management, and other stakeholders.
Strong communication skills for delivering reports, presenting to leadership, and driving consensus.
Prior experience in a higher education environment is highly desirable.
Preferred certifications may include: CIPP, CIPM, CISA, CISM, GRCP, CGEIT, CISSP, CIRSC, CIPP/US
Skills
GRC
Additional Skills & Qualifications
Ability to interpret regulations and apply them to complex institutional environments.
Experience working cross-functionally with IT, legal, and business teams.
Strong leadership, organization, and project management skills.
Excellent written and verbal communication skills, especially in presenting findings to non-technical audiences.
Highly organized, self-motivated, and results oriented.
Experience Level
Expert Level
Pay and Benefits
The pay range for this position is $70.00 - $75.00/hr.
Eligibility requirements apply to some benefits and may depend on your job
classification and length of employment. Benefits are subject to change and may be
subject to specific elections, plan, or program terms. If eligible, the benefits
available for this temporary role may include the following:
Medical, dental & vision
Critical Illness, Accident, and Hospital
401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
Life Insurance (Voluntary Life & AD&D for the employee and dependents)
Short and long-term disability
Health Spending Account (HSA)
Transportation benefits
Employee Assistance Program
Time Off/Leave (PTO, Vacation or Sick Leave)
Workplace Type
This is a fully remote position.
Application Deadline
This position is anticipated to close on Jun 3, 2025.

About TEKsystems and TEKsystems Global Services

We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.