CISO Consultant Risk and Compliance - part time Job at Unison Systems Inc., Englewood, CO

  • Unison Systems Inc.
  • Englewood, CO

Job Description

Our international travel client is looking for a Compliance, Data Security and Risk Consultant for a part-time, contract role.

Location: DTC, remote

Duration: 6 months with an option to extend

Scope

Working directly under the guidance and supervision of our travel client’s CISO and executives, the consultant will provide professional services to the Client in connection with assisting, evaluating and building a Data Privacy and Data Compliance program. The consultant needs direct work experience operating in a merchant/credit card/retail type environment and experience with US privacy laws. The consultant also needs expertise in both GDPR (General Data Protection Regulation) and US regulations. We are seeking a consultant who can demonstrate working knowledge in executing and doing, not just developing and implementing; for example, someone who has executed the necessary steps to deal with a data breach.

Work Activities

  • Advising Management and internal client teams on various matters related to risk management, data privacy, data security, and regulatory compliance
  • Providing work direction to the Cyber Security Manager related to risk management, data privacy, data security, and regulatory compliance
  • Apprising Management regularly of privacy and security risk posture and risk mitigation strategies
  • Informing Management on current developments and changes to privacy regulations, and assessing potential impact on the organization
  • Meeting regularly with Management to discuss internal initiatives and assigned tasks to be performed by the consultant
  • Identifying areas for organizational involvement and improvement
  • Prioritizing follow-up assessments, actions, and/or activities based on risks and resources
  • Performing mutually agreed-upon and approved assignments with clearly defined deliverable(s), target completion date, and estimated cost and effort for assigned tasks
  • Delivering reports to Management upon completion of assignments
  • Performing other tasks as directed by Management.

Time

The consultant will provide risk management, data privacy, data security, and regulatory compliance advisory and consulting assistance to the Client on a weekly basis, with a minimum of 10 hours a week; 40 hours a month for a period of six (6) months.

 Develop a privacy program that is aligned with the organization’s business strategy and mission.

Ensure compliance with federal, state, and local privacy regulations and requirements, as well as applicable international privacy regulations such as GDPR, UK DPA, etc.

Establish risk management due diligence procedures and audits for suppliers and third parties who have access to the organization’s PII and PHI.

Ensure privacy-related matters and risks are adequately addressed and mitigated to an acceptable risk level, in line with management’s risk tolerance and risk appetite.

Review, identify, develop, document, and maintain policies regularly to ensure organizational privacy and security practices are current, and that they are effectively addressing the established organizational privacy standards and requirements.

Stay informed and keep abreast of current developments and changes to privacy regulations, and assess their potential impact on the organization.

Inform Management regularly of privacy and security risk posture and risk mitigation strategies. Provide recommendations and budgetary requests for additional resources where necessary.

Operations (process driven)

  • Develop, update, and implement privacy and security policies and procedures in accordance with industry best practices and regulatory requirements.
  • Perform audits and procedures necessary to ensure the privacy and security of PII and PHI, and protect systems from intentional or inadvertent disclosure, access, manipulation, or destruction.
  • Develop and implement privacy and security training and education programs for the organization to ensure employees are aware of their roles and responsibilities in protecting the organization's information assets. Ensure security awareness and education training occurs across Client offices.
  • Monitor outcomes from periodic testing of employee security awareness, and facilitate remedial education where appropriate.
  • Prepare and maintain guidelines for the organization’s data owners and custodians on appropriate privacy and security policies and procedures on data usage, data sharing, and data destruction.
  • Communicate new, emerging, and changed privacy laws and regulations to Management, IT Security Council, and other stakeholders.
  • Guide the Compliance team and auditors responsible for conducting regular privacy compliance audits and assessments to identify gaps and opportunities for improvement.

 

Monitor high-risk privacy and security areas for general adherence to established policies and procedures.

Keep up-to-date with the latest privacy and security matters and regulations, and as needed, make recommendations for adjustments to the privacy and security program.

Participate in the review and analysis of internal projects and external information-sharing issues that may have an impact on data privacy and security.

Collaborate with Management, the Client Security Council, and technical security professionals to address privacy and security matters, including audit and validation of implemented safeguards and achievement of privacy goals.

Build a culture of privacy and security awareness and provide mentorship and guidance to help mature the organization’s privacy and security risk posture.

Monitor and track reported complaints, events, security incidents, etc., including investigating and resolving privacy and security matters, and communicating reportable events to Management and the appropriate authorities.

Participate in assessing security incidents and responses, including investigating and resolving privacy and security breaches, and reporting incidents to the appropriate authorities.

Collaborate with IT Security and business teams to effect Privacy By Design and Security By Design. Ensure privacy and security principles and security considerations are integrated into all aspects of the organization's technology infrastructure and business operations.

Unison Systems Inc. is a full-service IT consulting firm that offers staffing, consulting, direct-hire recruiting, and solutions delivery services. Core areas of service include: Software Engineering, Data Management, Project/Program Management, and Infrastructure & Support.

Job Tags

Full time, Contract work, Part time, Work experience placement, Local area, Remote job
