XTN-9A12830 | INFORMATION SECURITY AND DATA PRIVACY OFFICER
Offer summary
Qualifications:
Bachelor's degree in Computer Science or related field., Minimum 5 years of experience in information security., Strong knowledge of HIPAA, SOC II, GDPR., Certification in information security preferred..Key responsibilities:
- Develop and maintain information security programs.
- Conduct regular risk and vulnerability assessments.
1001 - 5000
Employees
Job description
The Information Security and Data Privacy O:icer (ISDPO) is responsible for ensuring the confidentiality, integrity, and availability of sensitive information and data within the organization. The ISDPO will develop, implement, and maintain information security and data privacy policies, procedures, and controls to ensure compliance with relevant regulations, standards, and industry best practices. The ISDPO will also serve as a subject matter expert on HIPAA, SOC II, GDPR, and other compliance requirements.
- Health Insurance/HMO
- Enjoy unlimited MadMax Coffee
- Diverse learning & growth opportunities
- Accessible Cloud HR platform (Sprout)
- Above standard leaves
- Miscellaneous allowance
- Loans
- Compliance and Risk Management:
- Develop and maintain a comprehensive information security and data privacy program that ensures compliance with HIPAA, SOC II, GDPR, and other relevant regulations and standards.
- Identify and assess information security and data privacy risks, and develop strategies to mitigate or remediate those risks.
- Conduct regular risk assessments and vulnerability assessments to identify potential security threats and weaknesses.
- Policy and Procedure Development:
- Develop, implement, and maintain information security and data privacy policies, procedures, and standards that align with industry best practices and regulatory requirements.
- Ensure that all policies and procedures are reviewed, updated, and approved on a regular basis.
- Incident Response and Management:
- Develop and maintain an incident response plan that outlines procedures for responding to security breaches, data breaches, and other security incidents.
- Coordinate incident response activities, including containment, eradication, recovery, and post-incident activities.
- Conduct incident response training and awareness programs for employees.
- Security Awareness and Training:
- Develop and implement security awareness and training programs for employees, including phishing simulations, security training, and data privacy training.
- Ensure that all employees understand their roles and responsibilities in maintaining information security and data privacy.
- Audit and Compliance:
- Conduct regular audits and assessments to ensure compliance with information security and data privacy policies, procedures, and regulations.
- Identify and report any non-compliance issues to management and recommend corrective actions.
- Vendor Management:
- Develop and maintain vendor management policies and procedures that ensure vendors meet information security and
- Conduct vendor risk assessments and due diligence to ensure vendors are compliant with relevant regulations and standards.
- Data Privacy:
- Develop and maintain data privacy policies and procedures that ensure compliance with GDPR, HIPAA, and other relevant regulations.
- Conduct data privacy impact assessments and risk assessments to identify potential data privacy risks.
- Communication and Collaboration:
- Serve as a liaison between the IT department, business units, and other stakeholders to ensure e:ective communication and collaboration on information security and data privacy matters.
- Provide guidance and support to employees on information security and data privacy best practices.
- Staying Current with Industry Developments:
- Stay up-to-date with the latest industry developments, trends, and best practices in information security and data privacy.
- Participate in industry conferences, webinars, and training programs to stay current with emerging threats and technologies
- Bachelor's degree in Computer Science, Information Assurance, or a related field.
- Minimum 5 years of experience in information security, data privacy, or a related field.
- Strong knowledge of HIPAA, SOC II, GDPR, and other relevant regulations and standards.
- Experience with any information security and data privacy frameworks, such as NIST, ISO 27001, and COBIT.
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal skills.
- Ability to work in a fast-paced environment and prioritize multiple tasks and projects.
- Certification in information security or data privacy, such as CISSP, CISM, or CIPP, is preferred
- BPO experience (and setting these compliances up), would be a plus)
As previously mentioned.
Required profile
Experience
Industry :
Real Estate Management & Development
Spoken language(s):
English
Check out the description to know which languages are mandatory. Other Skills
- Analytical Skills
- Collaboration
- Communication
- Problem Solving
Data Protection Officer Related jobs
Information Security Compliance Manager and Data Protection Officer (DPO)
Information Security Compliance Manager and Data Protection Officer (DPO)
30+ days ago
Tiger Resourcing Group
- From: United Kingdom (Full Remote)
- Full time
Data SecurityRisk ManagementGeneral Data Protection Regulation (GDPR)ISO 13485 Standard
Data Protection Senior Executive
Data Protection Senior Executive
30+ days ago
Blip.pt
- From: Malta (Full Remote)
- Full time
Presentation TrainingData Security
HQ - Data Privacy & Protection Associate
HQ - Data Privacy & Protection Associate
15 day ago
Jobandtalent
- From: Spain (Full Remote)
- Full time
Information PrivacyCompliance ManagementData SecurityOneTrust (Software)
Enterprise Storage / Data Protection Systems Engineer - Indonesia
Enterprise Storage / Data Protection Systems Engineer - Indonesia
30+ days ago
Bit by Bit Inc
- From: Indonesia (Full Remote)
- Full time
Data Protection Analyst
Data Protection Analyst
30+ days ago
Cyberhaven
- From: India (Full Remote)
- Full time
Computer ForensicsData SecurityIncident ResponseData Loss Prevention