Information and Security Privacy Analyst
Englewood, CO 80112 | Contract
Zycron has an excellent opportunity for you to work within our client’s Data Leakage Prevention (DLP) Program as an Information and Security Privacy Analyst. Client is seeking candidates already local to the Englewood, CO area. No CTC and no visa sponsorship is available.
- The Information Security and Privacy Analyst will contribute to the organization’s mission and vision by assisting the Manager, Information Security Oversight with the development, monitoring, and governance oversight of the Data Leakage Prevention (DLP) Program.
- The Analyst I will work with business units and privacy teams across the enterprise, gathering information and helping to evolve the DLP program into a functional, effective, yet consistently evolving control program.
- The Analyst will work with the organization’s privacy, internal audit, compliance, and information security departments as well as the third party managed security services provider to ensure the enterprise’s security and privacy strategy is optimally architected to enable the success of the DLP Program.
- This individual is responsible for assessing the incidents generated by the people, processes and technology supporting the DLP Program and ultimately communicating potential risks, risk reduction/mitigation plans, and operational efficiency best practices with business unit resources and leadership to affect positive change and improvements.
- This role will provide oversight to incidents where employees/users may have tried to send confidential data without following internal security policies and then work with Privacy and IT to fine tune rule sets to ensure that the system captures ePHI and confidential data leaving the network without valid business reason to prevent data loss.
- The Information Security and Privacy Analyst position requires a good understanding of the enterprise, business units and information security and privacy practices. The Analyst I will utilize their healthcare operational and regulatory knowledge to ensure a balance is met between the business’ operational needs and security and privacy requirements.
- This position works closely with the National and Regional HIPAA Privacy and Security Officers, ITS Security personnel, and the security services provider management.
- Planning, construction and maintenance of a DLP Program that clearly captures the organization’s most critical assets that could have a major impact on revenue, income, reputation and operations.
- Working on a daily basis with business units who create, store and transmit information as part of the authorized business process as well as the third party managed service provider to enhance and customize the tool as needed.
- Monitor, classify, and escalate DLP events with the DLP system.
- Monitoring of outbound emails with confidential data, escalates any issues to employees and supervisors, or provide training to the end users on security policies related to confidential data protection.
- Reviewing the cue in the DLP system to analyze traffic and data. Assisting the Manager, Information Security Oversight in appending more policies to the DLP monitoring program and expanding responsibilities.
- Generating standardized metrics and ad hoc reports, as needed, for relevant stakeholders.
- Updating skills as necessary to support the Information Security and Privacy environment and remaining knowledgeable of industry standards and advancements.
Experience required and preferred:
- Minimum of three (3) years of experience in healthcare or financial organization setting
- Experience in security or privacy working with Data Loss Prevention (Tier I Level) program
- Experience with Symantec DLP technology or other similar solution DLP technologies
- Experience analyzing network traffic/data and outbound emails, correcting the actions and or training users, escalating issues.
- Knowledge of HIPAA Security Rule and PCI is favorable
- Must have excellent communication skills and ability to work with ambiguity as processes are developed and formalized. Must be detail oriented
- Should be comfortable working closely with the IT Department
If you are interested in learning more about this opportunity, please contact Cindy Raleigh at firstname.lastname@example.org or 702-645-9860.