You’ll work alongside respected professionals, learning about and applying leading practices to manage privacy program capabilities, which includes the processes, people, and technologies. You’ll gain insights into the design and operations of privacy programs and strategies in a variety of industries and learn how to design measurable, sustainable programs to keep up with the ever changing regulatory landscape.
You’ll work with a National practice to assess privacy programs and strategies using our proprietary framework, design solutions to remediate gaps or enhance maturity of specific privacy capabilities, improve measurements and monitoring, and develop sustainable processes to enable our clients to achieve business goals and mitigate their risks. You’ll gain experience applying risk management principles to a cybersecurity environment and leveraging cybersecurity frameworks / standards like ISO/IEC 27001:2013, NIST CSF, NIST 800-53, etc. as well as better understanding privacy regulations -General Data Protection Regulation (EU 2016/679).
- Foster relationships with client personnel at appropriate levels. Consistently deliver quality client services.
- Consistently deliver qu ality client services. Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
- Bachelor’s degree in a related field and approximately 2-3 years of related work experience; or a graduate degree and approximately 2 years of related work experience
- Approximately 1-2 years of working in a Privacy environment assessing client risk and compliance to Global privacy regulations.
- Basic understanding of networking (TCP/IP, OSI model), operating system fundamentals (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS, etc.) and application programming/scripting languages (C, Java, Perl, Shell).
- Demonstrated experience or knowledge in the following areas:
- Secure messaging/email encryption
- Mobile device security
- Disk, file, device, and database encryption
- Data classification and privacy policies
- Digital Rights Management (DRM)
- Logging, monitoring, and security event management
- Secure information storage
- Basic understanding of regulatory requirements and compliance issues affecting clients related to privacy and data protection, such as PCI DSS, GLBA, Basel II, EU Data Protection Directive, International Cross Border, and U.S. State Data Privacy Laws.
- A willingness to travel to meet client needs; travel is estimated at 60-80%; a valid driver’s license in the US
- Strong presentation and communication skills
- CISSP, CISM, CISA, CIPT, CIPM, CRISC or other relevant certification desired
Vacancy Type: Full Time
Job Location: New York, NY, US
Application Deadline: N/A