At Shire, we are proud and grateful to employ military veterans and thank them for their contributions to our company and our country. See where your military experience can play a role at Shire by using our military skills translator job search tool below:
senior data privacy and compliance analyst - secret clearance.
atlanta , georgia
posted september 3, 2024
job details
summary
$63 - $81 per hour
contract
bachelor degree
category computer and mathematical occupations
reference1064175
job details
job summary:
As part of the Information and Cybersecurity Department (ICD), the Senior Laboratory Cybersecurity Ambassador (LCA) / Data Privacy and Compliance Analyst will perform as a senior cyber audit and compliance specialist responsible for managing and driving efficiencies across the Security Regulatory Compliance programs at the laboratory (lab) level, including DFARS 7012, CMMC, based on NIST frameworks such as SP 800-171 and SP 800-53. Foster a security controls culture to reduce overall cyber risk, ensuring control owners understand and are held accountable to operating required controls. Build partnerships across the lab, IT, cyber and leadership and influence others in order to mature the program and maintain regulatory compliance, while minimizing stakeholder impact. The ideal candidate for this role is able to provide leadership and mentoring to the team while also being able to participate in technical audit and compliance activities as needed. They also have both technical expertise and experience, as well as communication and leadership skills to influence and seamlessly collaborate across multiple stakeholder groups. This role reports to the ICD. This position has been designated as hybrid and work will be performed within Eastern Time (ET) Zone in Atlanta, GA. Position will start as a contract with potential or permanent hire. Pay is commensurate with level of experience.
Job Purpose
The Data Privacy and Compliance Analyst is responsible for assessing business policies, procedures, and operations to ensure the organization meets privacy requirements and government regulations for the protection of sensitive information. Privacy and Compliance Analysts manage the legal and operational risks related to sensitive and critical information assets, continuously assess business unit operations, and develop policies, procedures and user training necessary to meet or exceed privacy requirements.
location: ATLANTA, Georgia
job type: Contract
salary: $63 - 81 per hour
work hours: 9am to 5pm
education: Bachelors
responsibilities:
Key Responsibilities
Assists with difficult cybersecurity questions and requests from customers.
Direct sponsor engagement as required to review current and planned requirements for secure infrastructures that require compliance.
Guide requirements gathering and analysis.
Leads validation of security control configuration on systems, ensure all systems are configured to necessary controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements.
Articulates privacy requirements into product life-cycle including definition, requirements analysis, synthesis, cyber engineering analysis and implementation.
Conducts privacy impact analyses and identify areas needing improvement and recommend necessary enhancements to achieve privacy goals.
Reviews modifications to critical information systems and directs implementation of configuration changes.
Mentors lower-level cybersecurity and IT professionals across the enterprise.
Required Minimum Qualifications
Experience in cyber-Governance, Risk, and Compliance (GRC).
Experience in a cyber assessment or inspection related role, ideally with experience in cybersecurity incident response.
Solid technical understanding of cybersecurity concepts, standards, guidelines, and principles.
Experience with industry-recognized security compliance frameworks (NIST, PCI-DSS, HIPAA, etc.).
Experience with data aggregation/analytics and/or SIEM tools.
Experience with Endpoint Detection and Response (EDR) solutions.
Experience with Vulnerability Management tools.
Ability to handle time-sensitive situations with a calm and professional attitude while maintaining an appropriate sense of urgency.
Ability to work at a technical level to assessments of IT environments, capable of identifying vectors of threats, vulnerabilities, and areas on non-compliance.
Ability to communicate and present at various levels of technical detail depending on audience, ranging from cybersecurity deep dives to non-technical stakeholders.
Effective project management and organizational skills, including managing multiple, concurrent tasks and meeting deadlines.
Excellent interpersonal skills and ability to create collaborative relationships with colleagues across various groups and levels, and influence without authority.
Demonstrates leadership skills with ability to communicate effectively and work independently, both as part of and leading a team.
Ability to mentor team members at all levels, develop training plans, and foster personal and professional growth within the team.
CompTIA Advanced Security Practitioner (CASP), Certification Authorization Professional (CAP), GIAC Security Leadership Certificate (GSLC), Health Care Information Security and Privacy Practitioner (HCISPP), or equivalent certification.
Preferred Qualifications
Active Secret Clearance.
Master's degree in cybersecurity, information technology, engineering, or a related field.
Experience as an incident manager, commander, or leader.
10+ years of progressive work-related experience in information security, public accounting or internal audit, with a focus on IT controls audits and assessments and/or controls readiness assessments.
Excellent knowledge of technology infrastructure environments including Windows, Mac, Linux, virtual, and cloud.
Experience in an incident response-related role, or a participant in an incident response team.
Experience with the following cybersecurity tools: Splunk, CrowdStrike, Tenable.io, Axonious.
Detail oriented; Exceptional oral and written communication and presentation skills.
Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent certification.
qualifications:
Experience level: Experienced
Minimum 7 years of experience
Education: Bachelors (required)
skills:
Vendor Risk Auditing
Compliance
Systems AnalysisEqual Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including health, an incentive and recognition program, and 401K contribution (all benefits are based on eligibility).This posting is open for thirty (30) days.