Senior Cyber Privacy Governance Analyst - Remote

Sentara is seeking a passionate cyber security professional to join our team as Senior Cyber Privacy Governance Analyst

This position is 100% Remote but candidates must have a current residence in one of the follow states or being willing to relocate -

Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Washington (state), West Virginia, Wisconsin, Wyoming

Description

The Senior Cyber Privacy Governance Analyst position is an information Cyber Privacy SME role that will be responsible for supporting and leading the implementation and administration of Cyber privacy initiatives. The Senior Analyst will identify emerging privacy technology trends/standards, regulatory and compliance requirements, and privacy needs as part of an effort to develop, establish, and maintain a cohesive privacy direction for Sentara Health.

Under direction of Sr Manager, Cyber & Privacy Governance, to identify potential privacy weaknesses and vulnerabilities and recommend privacy controls to mitigate vulnerabilities and reduce overall privacy risks; to assess privacy policies, procedures, and operations to help ensure the organization meets privacy requirements and government regulations for the protection of personal and sensitive information; and to serve as a consultant to top management impacting privacy policy and planning activities. The incumbent will coordinate activities and meetings with departmental staff, prepare privacy training material and Privacy Champions presentations with the Cyber Security Training & Awareness Enterprise Program, which is owned by the Sr Manager, Cyber & Privacy Governance. This chosen individual will also collaborate and support the Enterprise Chief Privacy Office (CPO) efforts and priorities.

The Senior Cyber Privacy Governance Analyst responsibilities are to analyze and develop policies and procedures related to information privacy for Sentara Health, its Regulators, Health Plans, Health Providers, etc., with a Cyber lens focus. Additionally, the incumbent will provide input to strategic decisions that affect the functional area of responsibility in both Cyber Security & the Chief Privacy Office.

Typical Day to Day Operational Tasks:

The following are the duties performed by incumbent candidate in this position. However, incumbent candidate may perform other related duties at an equivalent level.

Employment Requirements:

Training and Experience Note: The required knowledge and abilities are attained through training and experience equivalent to a Bachelor’s degree, preferably in Data Communications, Computer Science, Information Systems, Network Engineering, Information Privacy, Privacy Law, or a closely related field.

Preferred Skills:

• CIPT Certification
• Experience translating regulatory requirements (such as GDPR, CCPA/CPRA) into actionable technical specifications.
• Knowledge of Privacy by Design and security standards
• Other privacy certification such as CIPP/E, CIPM, ISEB, ECPC-B DPO, privacy engineering
• Cloud computing and infrastructure (AZURE PREFFERED)

and

Five (5) years of professional level experience in the privacy, legal, technology, compliance, or information security fields, two (2) years of which must have been working with medium to large scale Healthcare Industry within information privacy or security projects.

Knowledge of:

• Privacy risk concepts and principles and the relationship between business needs and privacy regulations;
• Strategic, tactical, and project planning development and documentation;
• Applicable security policies and practices;
• Personally Identifiable Information (PII) inventory, information classification, and privacy threat modeling;
• Principles of effective communication;
• Incident response process from a privacy context;
• Privacy and data security laws and issues;
• Basic principles of curriculum development and training techniques;
• English usage, style, grammar, punctuation, and spelling;
• Information privacy or security forensic tools;
• Privacy principles, Privacy-by-Design, phases of the Software Development Life Cycle, and related terminology, trends, and activities utilized by medium to large complex organizations;
• Privacy impact assessment (PIA) methodology, including interviewing and identifying risks;
• Methods of research and report preparation, writing, and presentation;
• Current privacy technologies for data mapping;
• Metrics that demonstrate information security control effectiveness;
• Types and applications of data de-identification.

Ability to:

• Develop strategies to proactively manage implementation of enterprise-wide initiatives;
• Vet prospective vendors for privacy compliance;
• Plan and execute complex projects;
• Consult on privacy, security, and compliance;
• Lead interview sessions, PIA activities, and recommend/oversee risk remediation activities and solutions that provide the proper level of privacy protection over personal and sensitive information;
• Troubleshoot privacy and data protection problems and identify and recommend alternative solutions;
• Recommend corrective actions to comply with Federal and State regulations and Sentara Health Corporate policies;
• Perform privacy impact assessments and recommend solutions that provide the proper level of privacy protection over personal and sensitive information;
• Apply information privacy principles to business processes and information systems;
• Communicate effectively, both orally and in writing, with people of diverse backgrounds and cultures;
• Establish and maintain effective working relationships with those contacted in the course of work, at all levels, including colleagues, the public, and representatives of other agencies;
• Monitor compliance with privacy policies, standards, guidelines, and procedures;
• Prepare detailed technical reports and other documentation;
• Work effectively with other staff;
• Conduct privacy audits.

Physical Requirements

• May be required to work irregular hours.

Special Requirements

• Lite Travel involve.

As the third-largest employer in Virginia, Sentara Health was named by Forbes Magazine as one of America's best large employers. We offer a variety of amenities to our employees, including, but not limited to:

• Medical, Dental, and Vision Insurance
• Paid Annual Leave, Sick Leave
• Flexible Spending Accounts
• Retirement funds with matching contribution
• Supplemental insurance policies, including legal, Life Insurance and AD&D among others
• Work Perks program including discounted movie and theme park tickets among other great deals
• Opportunities for further advancement within our organization

Sentara employees strive to make our communities healthier places to live. We're setting the standard for medical excellence within a vibrant, creative, and highly productive workplace. For information about our employee benefits, please visit: Benefits – Sentara (sentaracareers.com)

Join our team! We are committed to quality healthcare, improving health every day, and provide the opportunity for training, development, and growth!

**Pay Transparency for states where Sentara Health must share this info:

$90,000 - 100,000 USD.

keywords: Talroo-IT, Indeed, Monster, Circa, LinkedIn, "Analyst", "cybersecurity" , "CIPP", "CIPT", "CIPM"

• Bachelor's Level Degree