Security And Privacy Compliance Specialist

closed
AAPC

๐Ÿ“Remote - Worldwide

Summary

Join our team as a Security and Privacy Compliance Specialist! This remote/hybrid role, preferably based in Utah, requires a highly skilled and detail-oriented individual to ensure compliance with industry standards and regulations. You will play a critical role in safeguarding sensitive data, conducting compliance audits, developing security policies, managing risks, and delivering employee training. The position involves collaborating with cross-functional teams, responding to security incidents, and managing third-party vendors. You will also prepare reports for senior management. This is a fantastic opportunity to contribute to a culture of security awareness and compliance within a growing organization.

Requirements

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
  • Proven experience in information security, privacy compliance, or a related field
  • In-depth knowledge of relevant regulations, standards, and frameworks (e.g., GDPR, HIPAA, HITRUST, SOC-2, NIST, ISO-27001, and others)
  • Strong analytical and problem-solving skills, with keen attention to detail
  • Excellent communication and interpersonal skills to work effectively with technical and non-technical stakeholders
  • Ability to manage multiple projects and meet deadlines in a fast-paced environment

Responsibilities

  • Monitor and ensure adherence to relevant security and privacy regulations, such as SOC-2, HIPAA, HITRUST, and others
  • Conduct regular compliance audits and risk assessments to identify gaps and recommend corrective actions
  • Participate in the development, implementation, and maintenance of security and privacy policies, procedures, and guidelines
  • Ensure documentation is current and accessible to relevant stakeholders
  • Identify potential risks to the organization's data security and privacy and work with other members of the security team to develop mitigation strategies
  • Collaborate with cross-functional teams to implement risk management practices
  • Design and deliver training programs to educate employees on security and privacy best practices
  • Promote awareness of security threats and ensure employees understand their role in compliance efforts
  • Assist in the development and execution of incident response plans
  • Participate in investigations of security breaches and privacy violations, ensuring timely reporting to regulatory bodies when necessary
  • Assess third-party vendors and partners for compliance with security and privacy standards
  • Work with the business to establish data protection agreements
  • Work with the Sales team to onboard new clients by completing and returning security information requests and questionnaires
  • Regularly review and analyze security systems and controls to ensure compliance with evolving regulations
  • Prepare and present reports to senior management on the organization's security and privacy compliance status

Preferred Qualifications

  • Familiarity with data protection technologies and tools (e.g., encryption, DLP, SIEM systems)
  • Experience with cloud security and compliance frameworks
  • Knowledge of emerging privacy laws and trends
  • Professional certifications such as CISSP, CIPP, CIPM, or CISM

Benefits

  • Compensation commensurate with experience
  • Comprehensive benefits package including medical, dental and vision insurance
  • Health Savings Account
  • Generous PTO and Holiday Pay
  • 401(k) retirement plan
  • Remote/virtual-office consideration
This job is filled or no longer available