Security & Privacy Specialist

Job Purpose:

Insight Global, LLC is seeking a candidate to serve as a Data Security and Privacy Specialist to assist with the development, implementation, and maintenance of programs designed to meet its regulatory and contractual obligations and to safeguard company and client data.

Duties:

• Lead the Completion of Security and Privacy Questionnaires: Partner with sales, IT and legal teams to support deal cycles through timely and accurate responses to security questionnaires and due diligence requests.
• Conduct Cybersecurity and Data Privacy Reviews of Contracts for Clients and Vendors: Provide information security and data privacy expertise to sales, IT and legal teams during contract negotiations and administration.
• Develop and Implement Process Improvements: Help design and build a common repository of standardized responses, support, and documentation. Identify opportunities to improve our workflows and implement new processes to increase efficiency and consistency.
• Privacy Assessment Coordination: Work with stakeholders throughout the organization to coordinate completion of privacy and data protection impact assessments.
• Consumer Rights Requests: Manage data subject rights requests and process responses.

Skills/Qualifications:

• Bachelor’s degree.
• 3+ years of experience in a cyber security, information security, or GRC (Governance, Risk, and Compliance) role.
• Proven experience reviewing, negotiating, or advising on cyber security contract language and completing complex security questionnaires (e.g., SIG, CAIQ).
• A strong understanding of various cyber security control frameworks (e.g., ISO 27001, NIST, SOC 2) and the ability to articulate our compliance with these frameworks to both technical and non-technical audiences, both inside and outside the organization.
• Working knowledge of data privacy laws and best practices (including CCPA, VCDPA, CPA, TCPA, GDPR, PIPEDA, HIPAA, PCI, etc.).