IT Specialty Analyst - Privacy

About The Position

Requirements

• Minimum of 3 years of experience in cyber security privacy, cyber governance, compliance, or related roles with a bachelor's degree
• Minimum of 5 years total experience in cyber security privacy, cyber governance, compliance, or related roles without a bachelor's degree
• In-depth understanding of information security frameworks (e.g., ISO 27001, NIST Cybersecurity Framework) and privacy regulations (e.g., HIPAA Privacy Rule, ISO 27701).
• Experience conducting security and privacy risk assessments, audits, and compliance reviews.
• Excellent communication skills, with the ability to convey complex technical concepts to non-technical stakeholders.
• Strong analytical and problem-solving skills, with attention to detail and the ability to prioritize tasks effectively.
• Ability to work independently and collaboratively within a team environment.

Nice To Haves

• Bachelor’s degree in information security, Computer Science, Legal Studies, or related field. (Preferred)
• Professional certifications such as CIPP/E, CIPP/US, CISSP, CISM, or equivalent preferred
• Experience working with privacy-enhancing technologies and tools is a plus.
• Self-starter – owns the role and understands next steps and proactively takes them.

Responsibilities

• Develop, implement, and maintain information security privacy policies, procedures, and standards in alignment with industry regulations and best practices.
• Conduct regular assessments and audits of privacy controls to identify gaps, vulnerabilities, and areas for improvement.
• Collaborate with cross-functional teams to define and document security and privacy requirements for new systems, applications, and processes.
• Assist in the development and execution of security and privacy awareness and training programs for employees to promote a culture of compliance and risk mitigation.
• Monitor regulatory developments and industry trends related to information security and privacy to ensure ongoing compliance and adaptation of policies and procedures.
• Participate in incident response activities related to information security and privacy incidents, including investigations, remediation, and reporting as necessary.
• Serve as a subject matter expert on information security privacy matters, providing guidance and support to internal stakeholders and business units.
• Coordinate with external auditors and regulators during compliance assessments and audits, providing documentation and evidence as required.
• Support the implementation and maintenance of security and privacy-related technologies and tools, such as data loss prevention (DLP) and identity and access management (IAM) systems.
• Collaborate with legal and compliance teams to ensure contractual agreements and vendor relationships comply with applicable information security and privacy requirements.

Benefits

• Medical, Dental, Vision plans
• Adoption, Fertility and Surrogacy Reimbursement up to $10,000
• Paid Time Off and Sick Leave
• Paid Parental & Family Caregiver Leave
• Emergency Backup Care
• Long-Term, Short-Term Disability, and Critical Illness plans
• Life Insurance
• 401k/403B with Employer Match
• Tuition Assistance – $5,250/year and discounted educational opportunities through Guild Education
• Student Debt Pay Down – $10,000
• Reimbursement for certifications and free access to complete CEUs and professional development
• Pet Insurance
• Legal Resources Plan
• Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.