Cybersecurity Data Specialist

Position Summary

We are seeking a Security Data Specialist to support cybersecurity governance, compliance, and security awareness initiatives. This role is responsible for developing security policies, managing cybersecurity compliance activities, supporting audits, and implementing enterprise-wide security awareness programs. The ideal candidate will have strong knowledge of cybersecurity frameworks such as PCI-DSS, HIPAA, NIST CSF 2.0, and experience working with both internal teams and third-party vendors to mature the organization s cybersecurity posture.

Key Responsibilities

• Develop, maintain, and deliver a comprehensive cybersecurity awareness and training program for employees and contractors.
• Draft, review, and update cybersecurity policies, standards, and procedures to align with regulatory requirements and industry best practices.
• Communicate policies and ensure adoption across operational teams.
• Monitor compliance with cybersecurity regulations including PCI-DSS, HIPAA, and applicable privacy laws.
• Support compliance initiatives related to federal and industry cybersecurity mandates.
• Ensure third-party vendors and contractors adhere to cybersecurity policies and standards.
• Conduct periodic reviews of vendor cybersecurity practices and report findings.
• Represent cybersecurity in IT and business projects to ensure security requirements are integrated throughout the project lifecycle.
• Act as the primary liaison for internal and external cybersecurity audits; track findings and ensure timely remediation.
• Evaluate cybersecurity processes for effectiveness and recommend improvements.
• Track and report cybersecurity performance metrics and KPIs to support continuous improvement.
• Promote a culture of cybersecurity awareness and responsibility across the organization.

General Experience

• Knowledge of planning, designing, implementing, and monitoring security controls, policies, and procedures that safeguard enterprise systems and data.
• Ability to stay current with emerging technologies and recommend new security practices or policies.
• Ability to identify gaps in security policies and recommend necessary changes.
• Experience conducting risk assessments and delivering security briefings to leadership or teams.

Qualifications

• Bachelor s degree in Cybersecurity, Information Technology, Education, or a related field.
• 5+ years of professional experience in cybersecurity, with an emphasis on frameworks, governance, policies, compliance, and security awareness training.
• Strong understanding of cybersecurity principles, threats, vulnerabilities, and best practices.
• Excellent communication, presentation, and documentation skills.
• Experience using e-learning or training software platforms.
• Strong organizational, analytical, and project management skills.
• Ability to work both independently and collaboratively within cross-functional teams.
• Relevant certifications (e.g., CISSP, CISM, CISA, Security+) are preferred