Security & Privacy Job Description
Security & Privacy Duties & Responsibilities
To write an effective security & privacy job description, begin by listing detailed duties, responsibilities and expectations. We have included security & privacy job description templates that you can modify and use.
Sample responsibilities for this position include:
Security & Privacy Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security & Privacy
List any licenses or certifications required by the position: CIPP, IAPP, CISA, CISSP, CISM, ISO, CIPM, MS, IAIK, IBM
Education for Security & Privacy
Typically a job would require a certain level of education.
Employers hiring for the security & privacy job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Technical, Information Security, Information Technology, Business, Computer Engineering, Engineering, Education, Law, Management Information Systems
Skills for Security & Privacy
Desired skills for security & privacy include:
Desired experience for security & privacy includes:
Security & Privacy Examples
Security & Privacy Job Description
- Provide regulatory risk advice ongoing information about new and changing regulatory developments
- Support projects from CGI Federal’s Baltimore office and project offices outside of the Metropolitan Washington-Baltimore area (some travel may be required)
- Manages the design, development, implementation, and operations of all security technologies for business unit's information security functions
- Support the functions with economic justifications of build vs
- Assists department managers in selection and setup of applications for their usage
- Responsible for interpreting privacy and security regulatory guidelines for US and international agents and guiding the organization on implementation for meeting
- Communicate in a concise and effective manner changes to be implemented to the organization
- Main point of contact for incident management, incident response management, triage and reporting
- Facilitates a privacy framework in accordance with regulatory standards
- Review documentation for conformance to a set of security requirements
- Establishes and develop staff through ongoing training programs, operational procedures, policies, technical skills
- Familiarity the HR Data and HR Systems
- Familiarity with HR Data Privacy concepts and general legislative provisions
- IT security and network infrastructure background (Unix, Windows, MAC, ) preferred
- Familiarity with backend databases like MS SQL, Oracle, MySQL
- Experience in scripting languages like Python, Perl, Javascript, regular expressions, Shell and PowerShell scripting
Security & Privacy Job Description
- Providing guidance to business SMEs on project governance processes
- Partnering with Project Managers to define the requirements elicitation and documentation plan for approved projects
- Assess program infrastructure and data to identify vulnerabilities caused by weaknesses or flaws in a large and complex IT solution
- In collaboration with partners, internal IT teams, and customer(s), develop and implement policies that give managers and employees varying level of access to applications, systems, and data, and monitor access to ensure compliance
- Assists the Privacy and Security Director to manage all Records and Personal Information, including access to (and requests by HMQ for access to or copies of) such Records and Personal Information and protection of the privacy of such Records and Personal Information
- Perform daily activities for assessing, monitoring, and maintaining the operational security of the enterprise, assessing the security impact of configuration and architecture changes, and managing IT security incidents
- Develop and provide necessary security training to reinforce the importance of information security demonstrating good practices and explain the risks of poor security practices
- Collaborate with program and corporate IT and Security teams to adopt and implement best practice security solutions in alignment with local security requirements
- Design and build novel solutions to internal privacy and security challenges
- Design and develop scalable software solutions that provide high performance, high availability, low maintenance, and quick isolation and resolution of issues
- Understanding of common web content management systems like Joomla, DotNetNuke
- Experience with various security like Metaspolit, Nmap, Qualys, mimikatz, Nessus, NeXpose, Kali Linux, BurpSuite, OWASP ZAP, WireShark, Tcpdump, to analyze systems for vulnerabilities, and provide risk reduction recommendations
- Working knowledge of Windows & Linux, TCP/IP, and Web services
- Professional certification (e.g., CISSP, CISM, CompTIA, SANS, ISC2, ) is a plus
- Professional certification is a plus (e.g., CISSP, CIA, CompTIA, SANS GIAC)
- Demonstrated experience working in a healthcare company with knowledge of existing and emerging federal and state requirements related to privacy and security of health information
Security & Privacy Job Description
- Analyzes effectiveness of processes in meeting privacy compliance objectives
- Tests processes and applies mapping and streamlining techniques to improve processes
- Creates and implements plans for new or revised processes
- Trains staff on applicable privacy requirements
- Serves as subject matter expert on privacy requirements
- Developing, implementing and monitoring ongoing compliance for assigned North and South American region to assist Business Unit operations in ensuring privacy programs requirements are met while adhering to established corporate and Business Unit policies and procedures, and to ensure compliance with contractual privacy and security requirements
- Provide subject matter expertise to the assigned North and South American Business Units and Executive Management on the initiative involving the collection, use, and disclosure of personal information
- Working with the Data Security & Privacy Manager and Chief Information Security Office (“CISO”) to maintain and update information security and privacy governance (i.e., policies, procedures, ) through an iterative, committee-based, process involving leaders in Information Technology, Legal, Audit and Privacy
- Assist in the management of the vendor information security risk assessment program
- Driving & building out our E2E Global Security Program
- Proven experience working in healthcare company and maintaining current on emerging federal and state requirements related to privacy and security of health information is preferred
- Previous experience working directly with state and federal regulatory agencies preferred
- Software development, programming and/or scripting experience (Perl, Python, C, Java, PHP, ASP)
- High degree of integrity and confidentiality, ability to adhere to company policies and best practices
- Operating system configuration and security experience (HP-UX, Linux, Solaris, AIX)
- Database Configuration and Security experience (MySQL, Microsoft SQL, IBM DB2, Sybase, Oracle)
Security & Privacy Job Description
- Driving various Regulatory projects
- Improving and embedding daily management activities across our business for Security, Privacy, and Q&R related topics
- The initial 12 – 18 months of this role will mainly focus on - but not be limited to - Security, Privacy and Q&R related projects
- The Privacy Analyst will report to the Information Security Officer and Privacy Officer
- Performs ongoing activities to monitor compliance with the organization’s policies and procedures, contractual obligations, individual privacy rights, and federal and state privacy and security regulations
- Works collaboratively with the Security Office in developing, implementing and evaluating program objectives and requirements
- Creates or updates privacy/security policies, procedures, and training materials
- Tracks and monitors training compliance requirements and initiates communications as needed
- Assists in developing and implementing privacy and security awareness campaigns and communications
- Receives complaints and incident reports, tracks and participates in the investigations, prepares reports, findings and recommendations
- You will use workshops and assessments to help the client understand security and privacy issues, risks, exposures, and vulnerabilities
- At least 5 years experience in Data Security & Privacy
- At least 5 years experience identifying security and privacy issues and developing programs to meet business needs
- AT least 5 years experience helping client's understand security and privacy issues, risks, exposures, and vulnerabilities
- Exposure to ERP Packages, knowledge of fundamental business processes purchasing, payroll, accounts payable, accounts receivable including relevant Information Technology
- Knowledge of system performance monitoring processes, tools and techniques network analyzers, system utilization reports, load balancing
Security & Privacy Job Description
- This position serves as a management analyst on the staff of the Privacy Division with primary responsibility for advising management on the effectiveness of the Agency privacy program
- Focus on revision of Privacy Act systems of record notices (SORNs), the creation of Privacy Act procedural and exemption rules under the Administrative Procedures Act
- Will report and tracking of privacy incidents
- Supports oversight and management of other privacy compliance and risk management efforts
- Analyzes effectiveness of processes in meeting compliance objectives
- Conducts and leads project/projects cross-functional teams in completing various privacy compliance and oversight activities for FEPDO privacy program
- Leads ongoing evaluations of the FEPDO, Plans, internal and external partners security practices, policies, procedures and makes recommendations for programmatic-wide changes and improvements
- Assist with privacy breach incident policies and activities
- Develops policies and procedures, and provides guidance for the appropriate handling of personal health information (PHI) and personally identifiable information (PII) in accordance with OPM requirements and as necessary
- Assists with the implementation, administration and maintenance of organization information privacy process, policies and procedures in coordination with the Privacy Data , legal counsel, business owners and information technology organizations
- Experience with the security and privacy provisions of a variety of regulations and standards such as PCI, NERC/CIP, HIPAA/HITECH/HITRUST, FFIEC, FDIC, ISO 27000 series, NIST sp800 series
- Master’s or PhD in Computer Related field is desirable
- Experience supporting business and IT governance processes
- CCBA, CBAP or equivalent certification
- Experience with fundamental concepts related to IT Service Management
- A minimum of 8-10 years of experience within Data Security and/or Privacy