Cybersecurity Data Specialist

Job Title: Cybersecurity Data Specialist

Location: Arlington, VA

Duration: 3 Months with possible extension

Summary

The Security Data Specialist will be responsible for ensuring our organization adheres to cybersecurity regulations, maintains robust security policies, and fosters a culture of security awareness. The ideal candidate will have a strong understanding of regulatory frameworks such as PCI-DSS, HIPAA, NIST CSF2.0 p, and will be instrumental in maturing our cybersecurity posture

Key Responsibilities:

• Develop and implement a comprehensive cybersecurity awareness training program.

• Draft, review, and update cybersecurity policies, standards, and procedures to align with industry best practices and regulatory requirements.

• Ensure policies are communicated effectively across the organization and integrated into operational practices.

• Monitor and ensure compliance with applicable cybersecurity regulations including PCI-DSS, HIPAA, and privacy laws.

• Support compliance initiatives TSA U.S. CAT X Airport cybersecurity mandates.

• Ensure third-party contractors and vendors comply with organizational cybersecurity policies and standards.

• Conduct periodic reviews and assessments of third-party cybersecurity practices.

• Represent cybersecurity in IT and business projects to ensure security requirements are identified and integrated throughout the project lifecycle.

• Serve as the primary liaison for internal and external cybersecurity audits and track audit findings and ensure timely resolution.

• Evaluate existing cybersecurity processes and procedures for effectiveness and efficiency.

• Recommend and implement improvements to enhance security operations and compliance.

• Develop, manage, and deliver cybersecurity awareness training programs for employees and contractors.

• Foster a culture of cybersecurity awareness and responsibility within the organization including the tracking and reporting on key performance indicators (KPIs).

General Experience:

• Knowledge of planning, design, implementation and monitoring of security measures, policies, methods, and procedures which safeguard the integrity of and access to enterprise systems, files, and data elements.

• Knowledge of changing technologies and provide recommendations for the adoption of new technologies or policies.

• Able to recognize and identify potential areas where existing data security policies and procedures require change, or where new ones need to be developed.

• Able to manage risk assessments and security briefings to advise them of critical issues that may affect customer, or corporate security objectives.

Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, Education, or a related field.

• Minimum of 5 years of experience in cybersecurity, with a focus on frameworks, policies and training and awareness programs.

• Strong knowledge of cybersecurity principles, threats, and best practices.

• Excellent communication and presentation skills.

• Experience with e-learning platforms and training software.

• Ability to work independently and as part of a team.

• Strong organizational and project management skills.

• Relevant certifications (e.g., CISSP, CISM, CISA, CompTIA Security+) are a plus.

Work Hours:

Must be available to work on-site Monday through Thursday, between the hours of 8:00am 5:00pm.