Security And Privacy Compliance Specialist

Summary

Join our team as a Security and Privacy Compliance Specialist! This remote/hybrid role, preferably based in Utah, requires a highly skilled and detail-oriented individual to ensure compliance with industry standards and regulations. You will play a critical role in safeguarding sensitive data, conducting compliance audits, developing security policies, managing risks, and delivering employee training. The position involves collaborating with cross-functional teams, responding to security incidents, and managing third-party vendors. You will also prepare reports for senior management. This is a fantastic opportunity to contribute to a culture of security awareness and compliance within a growing organization.

Requirements

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field
• Proven experience in information security, privacy compliance, or a related field
• In-depth knowledge of relevant regulations, standards, and frameworks (e.g., GDPR, HIPAA, HITRUST, SOC-2, NIST, ISO-27001, and others.)
• Strong analytical and problem-solving skills, with keen attention to detail
• Excellent communication and interpersonal skills to work effectively with technical and non-technical stakeholders
• Ability to manage multiple projects and meet deadlines in a fast-paced environment

Responsibilities

• Monitor and ensure adherence to relevant security and privacy regulations, such as SOC-2, HIPPA, HITRUST, and others
• Conduct regular compliance audits and risk assessments to identify gaps and recommend corrective actions
• Participate in the Development, implementation, and maintenance of security and privacy policies, procedures, and guidelines
• Ensure documentation is current and accessible to relevant stakeholders
• Identify potential risks to the organization’s data security and privacy and work with other members of the security team to develop mitigation strategies
• Collaborate with cross-functional teams to implement risk management practices
• Design and deliver training programs to educate employees on security and privacy best practices
• Promote awareness of security threats and ensure employees understand their role in compliance efforts
• Assist in the development and execution of incident response plans
• Participate in investigations of security breaches and privacy violations, ensuring timely reporting to regulatory bodies when necessary
• Assess third-party vendors and partners for compliance with security and privacy standards
• Work with business to establish data protection agreements
• Work with Sales team to onboard new clients by completing and returning security information requests, and questioneers
• Regularly review and analyze security systems and controls to ensure compliance with evolving regulations
• Prepare and present reports to senior management on the organization's security and privacy compliance status

Preferred Qualifications

• Familiarity with data protection technologies and tools (e.g., encryption, DLP, SIEM systems)
• Experience with cloud security and compliance frameworks
• Knowledge of emerging privacy laws and trends
• Professional certifications such as CISSP, CIPP, CIPM, or CISM

Benefits

• Compensation commensurate with experience
• Comprehensive benefits package including medical, dental and vision insurance
• Health Savings Account
• Generous PTO and Holiday Pay
• 401(k) retirement plan
• Remote/virtual-office consideration