Job Details
Title: Security Specialist - Hybrid
Mandatory skills:
Microsoft Office, Word, Excel, PowerPoint, Outlook,
GRC, Governance Risk and Compliance, Incident Response,
HIPAA, NIST 800-53 r4, Cybersecurity,
Project Management, Risk Management,
data privacy, data standards, data strategy, data protection, data security,
program audits, legal compliance, compliance audits, business process, business practices,
compliance requirements, information systems, compliance program, information privacy,
IT, Legal, Human Resources, Information Security, Information Security Policies, Procedures, Guidelines, Privacy,
privacy laws, privacy requirements, privacy reviews, privacy analysis, privacy issues, privacy risk assessments, privacy reports
Description:
The client is seeking a self-motivated and strategic professional to oversee the ongoing re-engineering of the client's business processes to encourage an emphasis on data protection/security, and to factor data privacy into its long-term planning efforts including the day-to-day business practices. The incumbent will be responsible for regularly assessing the client's compliance with client privacy law. Additionally, the Privacy Officer will develop and implement appropriate remediation steps if those assessments determine that such steps are necessary.
This position works closely with the Chief Information Security Officer, Risk Management Officer and other departments throughout the client.
This role is one of a data strategist and adviser as well as a steward for protection of highly confidential information. The ideal candidate should possess a combination of business knowledge, technical skills, people skills, and the ability to guide data strategy and control standards. The Privacy Officer will report directly to the Risk Management Officer.
Duties and Responsibilities:
Develop and maintain a compliance program for the client Information Security Policies, Procedures, Guidelines, Privacy, client laws
Analyze and evaluate the effectiveness of the Information Security and Privacy program in meeting its requirements and objectives
Participate in activities, including conducting analyses of current practices (program audits), and reporting level of compliance to the CTO and CISO.
Draft and maintain client-wide policies, procedures/plans, and guidelines to ensure the workforce uses and accesses only the minimum necessary data and discloses the data within the principle of least privilege.
Maintain data privacy, enforcing specific privacy requirements as they relate to client mandates and other legal requirements.
Collaborate with client staff including IT, Legal, Human Resources, and other clients in fostering information privacy awareness relevant to all programs and services.
Develop and oversee the implementation of corrective action plans that result from auditing and monitoring activities.
Implement training of client staff on privacy issues.
Provide ongoing assessment of programs and services to ensure that the client discloses only the minimum amount of data necessary to perform the 3rd party functions.
Perform periodic privacy risk assessments and related ongoing compliance audits.
Participate in investigating and resolving privacy-related reports, including potential breach incidents.
Participate in inquiries and investigations into privacy-related questions and complaints from workforce members, government clients, or other sources.
Knowledge, Skills and Abilities / Competencies:
B.A./B.S. in Political Science, JDR, Communications, Computer Science, Engineering, Information Assurance, or equivalent experience
Experience using GRC (Governance Risk and Compliance) tools
Experience with Incident Response procedures
General understanding of HIPAA, NIST 800-53 r4 or greater, CJI client guidelines regarding privacy, and concepts of other regulated data privacy laws/standards.
Knowledge of and experience with legal compliance of Cybersecurity and privacy laws.
Excellent written and oral communication skills, with demonstrated ability to distill and translate complex concepts into actionable information for a variety of audiences.
Experience working in the Information Technology auditing or other highly regulated environment.
Experience implementing compliance requirements in a matrixed environment utilizing complex information systems.
Comfortable in effectively presenting information one-on-one and in large groups.
Leadership skills and ability to coordinate and influence cross-functional teams.
Proven record of success in project management, with a particular focus on strategic planning.
Competence in resolving problems/conflicts in a diplomatic and tactful manner; exercising discretion in handling confidential information.
Proficient usage of Microsoft Office products including Word, Excel, PowerPoint and Outlook.
Technically savvy utilizing a variety of electronic data platforms.
Thorough knowledge of the Privacy Act of 1974 and related laws and regulations, client privacy policies and practices to advise client Privacy Officers, program managers, and client counsel and to provide guidance and assistance relating to organizational privacy requirements, reviews, and analysis
Possess one or more of the following certifications:
Certified Information System Auditor (CISA)
Certified Information Privacy Manager (CIPM)
Certified Information Privacy Professional (CIPP)
Typical Experience:
36-60 months
Required/Desired Skills:
Skill - Required / Desired - Amount of Experience:
Experience using GRC (Governance Risk and Compliance) tools - Required - 3 Years
Experience with Incident Response procedures - Required - 3 Years
General understanding of HIPAA, NIST 800-53 r4 or greater, CJI client guidelines regarding privacy - Required - 3 Years
Knowledge of and experience with legal compliance of Cybersecurity and privacy laws. - Required - 3 Years
Excellent written and oral communication skills - Required - 3 Years
Experience working in the Information Technology auditing or other highly regulated environment. - Required - 3 Years
Experience implementing compliance requirements in a matrixed environment utilizing complex information systems. - Required - 3 Years
Possess one or more of the following: CISA, CIPM, CIPP - Nice to have - 3 Years
VIVA USA is an equal opportunity employer and is committed to maintaining a professional working environment that is free from discrimination and unlawful harassment. The Management, contractors, and staff of VIVA USA shall respect others without regard to race, sex, religion, age, color, creed, national or ethnic origin, physical, mental or sensory disability, marital status, sexual orientation, or status as a Vietnam-era, recently separated veteran, Active war time or campaign badge veteran, Armed forces service medal veteran, or disabled veteran. Please contact us at for any complaints, comments and suggestions.
Contact Details:
VIVA USA INC.
3601 Algonquin Road, Suite 425
Rolling Meadows, IL 60008