*Active Secret Clearance required*
The Data Privacy and Compliance Analyst is responsible for assessing business policies, procedures, and operations to ensure the organization meets privacy requirements and government regulations for the protection of sensitive information. Privacy and Compliance Analysts manage the legal and operational risks related to sensitive and critical information assets, continuously assess business unit operations, and develop policies, procedures and user training necessary to meet or exceed privacy requirements.
Key Responsibilities:
Assists with cybersecurity questions and requests from customers
Direct sponsor engagement as required to review current and planned requirements for secure infrastructures that require compliance.
Guide requirements gathering and analysis.
Leads validation of security control configuration on systems, ensure all systems are configured to necessary controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements.
Articulates privacy requirements into product life-cycle including definition, requirements analysis, synthesis, cyber engineering analysis and implementation.
Conducts privacy impact analyses and identify areas needing improvement and recommend necessary enhancements to achieve privacy goals.
Reviews modifications to critical information systems and directs implementation of configuration changes.
Mentors lower-level cybersecurity and IT professionals across the enterprise.
Additional Skills & Qualifications:
Experience in cyber-Governance, Risk, and Compliance (GRC).
Experience in a cyber assessment or inspection related role, ideally with experience in cybersecurity incident response.
Solid technical understanding of cybersecurity concepts, standards, guidelines, and principles.
Experience with industry-recognized security compliance frameworks (NIST, PCI-DSS, HIPAA, etc.).
Experience with data aggregation/analytics and/or SIEM tools.
Experience with Endpoint Detection and Response (EDR) solutions.
Experience with Vulnerability Management tools.
Ability to handle time-sensitive situations with a calm and professional attitude while maintaining an appropriate sense of urgency.
Ability to work at a technical level to assessments of IT environments, capable of identifying vectors of threats, vulnerabilities, and areas on non-compliance.
Ability to communicate and present at various levels of technical detail depending on audience, ranging from cybersecurity deep dives to non-technical stakeholders.
Effective project management and organizational skills, including managing multiple, concurrent tasks and meeting deadlines.
Excellent interpersonal skills and ability to create collaborative relationships with colleagues across various groups and levels, and influence without authority.
Demonstrates leadership skills with ability to communicate effectively and work independently, both as part of and leading a team.
Ability to mentor team members at all levels, develop training plans, and foster personal and professional growth within the team.
CompTIA Advanced Security Practitioner (CASP), Certification Authorization Professional (CAP), GIAC Security Leadership Certificate (GSLC), Health Care Information Security and Privacy Practitioner (HCISPP), or equivalent certification.
About TEKsystems:We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.