We are hiring an IT Security Specialist for our client in San Jose, CA.
Its a long term contract opportunity and will start as Remote intially.
- Builds and applies a strong working knowledge of the Clients mission and objectives, including the Clients privacy strategy and program, as well as knowledge of compliance and privacy concepts and practices (strategies, internal controls, information analysis, reporting, including trending and communication);
- Maintains an awareness of and monitoring advancements in information privacy technologies;
- Conducts privacy-related risk assessments (e.g., Assessment to support privacy integration through Privacy-by-Design, Privacy Impact Assessments), support incident response activities, and assist with integrating privacy into the software development life cycle (SDLC), data sharing projects, and other processes;
- Conducts basic usability evaluations to assess the usability and user acceptance of privacy-related features and processes;
- Identifies, develops, and aligns techniques to aggregate, anonymize, or de- identify data, and understand the limits of de-identification;
- Develops and communicates mitigation actions and design recommendations.
- Coordinates with developers, system owners, and others on remediation activities and alternate solutions to protect data and reduce risk;
- Develops technical solutions to help mitigate privacy vulnerabilities;
- Assists with documenting and assessing privacy risks associated with applications (and solutions in general) that are scheduled to be integrated in information systems; ranking and prioritizing these risks; and following up with developers and other stakeholders on remediation;
- Assists with vetting vendors and help to make sure that adequate privacy protections are embedded in solutions and processes;
- Help to ensure information systems designs adequately incorporate privacy controls around choice, consent, collection, notice, use, retention, and disposal, and third party disclosures where applicable;
- Performs research and advise Privacy Office management on applicable technology privacy trends, best practices, and risks;
- Privacy engineering and design principles, practices, terminology, trends, and usage utilized by large complex organizations;
- Privacy-by-Design, best practices, terminology, and current trends in privacy;
- Knowledge of two or more of the following privacy laws or standards, such as: Fair Information Practice Principles (FIPPs), HIPAA/HITECH, PCI, FCRA, GLBA, FACTA, ISO, GAAP, SOC II, FERPA, COPPA, CCPA, NIST privacy and security standards and guidance, California data breach or other privacy related laws, or other relevant privacy frameworks;
- Information privacy or security forensic tools or privacy enhancing technologies;
- Technical understanding of information systems development, implementation, and maintenance;
If you are interested please send resume to email@example.com.