Summary
Join our team as a Security and Privacy Compliance Specialist! This remote/hybrid role, preferably based in Utah, requires a highly skilled and detail-oriented individual to ensure compliance with industry standards and regulations. You will play a critical role in safeguarding sensitive data, conducting compliance audits, developing security policies, managing risks, and delivering employee training. The position involves collaborating with cross-functional teams, responding to security incidents, and managing third-party vendors. You will also prepare reports for senior management. This is a fantastic opportunity to contribute to a culture of security awareness and compliance within a growing organization.
Requirements
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
- Proven experience in information security, privacy compliance, or a related field
- In-depth knowledge of relevant regulations, standards, and frameworks (e.g., GDPR, HIPAA, HITRUST, SOC-2, NIST, ISO-27001, and others)
- Strong analytical and problem-solving skills, with keen attention to detail
- Excellent communication and interpersonal skills to work effectively with technical and non-technical stakeholders
- Ability to manage multiple projects and meet deadlines in a fast-paced environment
Responsibilities
- Monitor and ensure adherence to relevant security and privacy regulations, such as SOC-2, HIPAA, HITRUST, and others
- Conduct regular compliance audits and risk assessments to identify gaps and recommend corrective actions
- Participate in the development, implementation, and maintenance of security and privacy policies, procedures, and guidelines
- Ensure documentation is current and accessible to relevant stakeholders
- Identify potential risks to the organization's data security and privacy and work with other members of the security team to develop mitigation strategies
- Collaborate with cross-functional teams to implement risk management practices
- Design and deliver training programs to educate employees on security and privacy best practices
- Promote awareness of security threats and ensure employees understand their role in compliance efforts
- Assist in the development and execution of incident response plans
- Participate in investigations of security breaches and privacy violations, ensuring timely reporting to regulatory bodies when necessary
- Assess third-party vendors and partners for compliance with security and privacy standards
- Work with the business to establish data protection agreements
- Work with the Sales team to onboard new clients by completing and returning security information requests and questionnaires
- Regularly review and analyze security systems and controls to ensure compliance with evolving regulations
- Prepare and present reports to senior management on the organization's security and privacy compliance status
Preferred Qualifications
- Familiarity with data protection technologies and tools (e.g., encryption, DLP, SIEM systems)
- Experience with cloud security and compliance frameworks
- Knowledge of emerging privacy laws and trends
- Professional certifications such as CISSP, CIPP, CIPM, or CISM
Benefits
- Compensation commensurate with experience
- Comprehensive benefits package including medical, dental and vision insurance
- Health Savings Account
- Generous PTO and Holiday Pay
- 401(k) retirement plan
- Remote/virtual-office consideration