IT Compliance/Cyber Security Administrator

Griffin Health Services, Derby, CT

About The Position

Works with legal counsel and management, key departments, and committees to ensure the organization establishes, maintains, and, where appropriate, provides appropriate privacy and confidentiality consent, authorization forms, and information notices and materials reflecting current organization privacy-related practices and requirements. Establishes and administers a process for receiving, documenting, tracking, investigating, and acting on all complaints concerning the organization’s privacy policies and procedures in coordination and collaboration with other similar functions and, when necessary Initiates, facilitates, and promotes activities to foster information privacy awareness within the organization and related entities. Coordinates privacy safeguards with security officer to ensure consistency in development, documentation, and training for security and privacy requirements. Serves as the organization’s resource to regulatory and accrediting bodies for matters relating to privacy and security. Supports any audits concerning state or federal privacy laws or regulations. Develops and presents to management on an annual basis a report on privacy-related issues and compliance for the organization in the past 12 months. Develops a security training program. Ensures the security training program supports both the privacy training program and information security program. As part of the organization information security program, collaborates with the Privacy Officer to develop and implement security policies, procedures, and guidelines necessary to direct and carry out the objectives of the organization information security program; research and recommend new security measures for implementation; and monitor and test the security practices employed for effectiveness.
Collaborates with the Privacy Officer to ensure that the following policies and procedures are in place: security policies and procedures; baselines security safeguards, risk assessment; security risk management; security administration; security of the computer network; security of computing assets; physical security; disaster recovery plan; third party service provider security due diligence and monitoring. Maintains documentation regarding levels of access granted to each information system user in the organization and reviews these levels of access periodically and when the status of the workforce member changes – controlling access, as appropriate. In coordination with legal counsel and outside vendors, as appropriate, investigates, responds to, and remediates security incidents. Coordinates with the Privacy Officer as outlined in Incident Response Plan. Oversees third parties who perform technical system maintenance activities in the organization and works with legal counsel to ensure that such third parties comply with appropriate security practices to comply with organization information security program. Develops and presents to management on an annual basis a report on security-related issues and compliance for the organization in the past 12 months.

Requirements

  • Experience working with legal counsel and management.
  • Experience working with key departments and committees.
  • Experience in developing and implementing privacy and confidentiality consent, authorization forms, and information notices.
  • Experience in establishing and administering a process for handling complaints regarding privacy policies and procedures.
  • Experience in fostering information privacy awareness.
  • Experience in coordinating privacy safeguards with security officers.
  • Experience serving as a resource to regulatory and accrediting bodies for privacy and security matters.
  • Experience supporting audits concerning privacy laws or regulations.
  • Experience in developing and presenting annual reports on privacy-related issues and compliance.
  • Experience in developing security training programs.
  • Experience in collaborating with a Privacy Officer to develop and implement security policies, procedures, and guidelines.
  • Experience in researching and recommending new security measures.
  • Experience in monitoring and testing security practices.
  • Experience in ensuring security policies and procedures, baselines, risk assessments, risk management, administration, network security, computing asset security, physical security, disaster recovery plans, and third-party service provider security due diligence are in place.
  • Experience in maintaining documentation regarding user access levels and reviewing these levels.
  • Experience in investigating, responding to, and remediating security incidents.
  • Experience in coordinating with a Privacy Officer as outlined in an Incident Response Plan.
  • Experience in overseeing third parties performing technical system maintenance.
  • Experience in ensuring third parties comply with appropriate security practices.
  • Experience in developing and presenting annual reports on security-related issues and compliance.

Responsibilities

  • Ensure the organization establishes, maintains, and provides appropriate privacy and confidentiality consent, authorization forms, and information notices.
  • Establish and administer a process for receiving, documenting, tracking, investigating, and acting on complaints concerning privacy policies and procedures.
  • Initiate, facilitate, and promote activities to foster information privacy awareness.
  • Coordinate privacy safeguards with the security officer for consistency in development, documentation, and training.
  • Serve as the organization’s resource to regulatory and accrediting bodies for privacy and security matters.
  • Support audits concerning state or federal privacy laws or regulations.
  • Develop and present an annual report on privacy-related issues and compliance.
  • Develop a security training program that supports privacy and information security programs.
  • Collaborate with the Privacy Officer to develop and implement security policies, procedures, and guidelines.
  • Research and recommend new security measures for implementation.
  • Monitor and test security practices for effectiveness.
  • Ensure security policies and procedures, baselines, risk assessments, risk management, administration, network security, computing asset security, physical security, disaster recovery plans, and third-party service provider security due diligence are in place.
  • Maintain documentation regarding user access levels and periodically review these levels.
  • Investigate, respond to, and remediate security incidents in coordination with legal counsel and outside vendors.
  • Coordinate with the Privacy Officer as outlined in the Incident Response Plan.
  • Oversee third parties performing technical system maintenance and ensure compliance with security practices.
  • Develop and present an annual report on security-related issues and compliance.