Lead Cybersecurity Privacy Governance Analyst

Company: Sentara Health
Location: Virginia Beach
Posted on: April 17, 2024

Job Description:

City/State
Virginia Beach, VA

Overview

Work Shift
First (Days) (United States of America)

Sentara is seeking a passionate cyber security professional to join our team as Lead Cyber Privacy Governance Analyst

This position is 100% Remote but candidates must have a current residence in one of the follow states or being willing to relocate -

Alabama , Delaware , Florida, Georgia, Idaho , Indiana, Kansas , Louisiana , Maine Maryland, Minnesota , Nebraska , Nevada, New Hampshire , North Dakota , North Carolina, Ohio, Oklahoma , Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Washington (state), Virginia, West Virginia, Wisconsin, Wyoming

Description

The Senior Cyber Privacy Governance Analyst position is an information cyber privacy SME role that will be responsible for supporting and leading the implementation and administration of Cyber privacy initiatives. The Senior Analyst will identify emerging privacy technology trends/standards, regulatory and compliance requirements, and privacy needs as part of an effort to develop, establish, and maintain a cohesive privacy direction for Sentara Health.

Under direction of Sr Manager, Cyber & Privacy Governance, to identify potential privacy weaknesses and vulnerabilities and recommend privacy controls to mitigate vulnerabilities and reduce overall privacy risks; to assess privacy policies, procedures, and operations to help ensure the organization meets privacy requirements and government regulations for the protection of personal and sensitive information; and to serve as a consultant to top management impacting privacy policy and planning activities. The incumbent will coordinate activities and meetings with departmental staff, prepare privacy training material and Privacy Champions presentations with the Cyber Security Training & Awareness Enterprise Program, which is owned by the Sr Manager, Cyber & Privacy Governance. This chosen individual will also collaborate and support the Enterprise Chief Privacy Office (CPO) efforts and priorities.

The Senior Cyber Privacy Governance Analyst responsibilities are to analyze and develop policies and procedures related to information privacy for Sentara Health, its Regulators, Health Plans, Health Providers, etc., with a Cyber lens focus. Additionally, the incumbent will provide input to strategic decisions that affect the functional area of responsibility in both Cyber Security & the Chief Privacy Office.


Typical Day to Day Operational Tasks:

The following are the duties performed by incumbent candidate in this position. However, incumbent candidate may perform other related duties at an equivalent level.

Employment Requirements:

Training and Experience Note: The required knowledge and abilities are attained through training and experience equivalent to a Bachelor s degree, preferably in Data Communications, Computer Science, Information Systems, Network Engineering, Information Privacy, Privacy Law, or a closely related field.

Preferred Skills:

• CIPT Certification
• Experience translating regulatory requirements (such as GDPR, CCPA/CPRA) into actionable technical specifications.
• Knowledge of Privacy by Design and security standards
• Other privacy certification such as CIPP/E, CIPM, ISEB, ECPC-B DPO, privacy engineering
• Cloud computing and infrastructure (AZURE PREFFERED)
  and
  
  Five (5) years of professional level experience in the privacy, legal, technology, compliance, or information security fields, two (2) years of which must have been working with medium to large scale Healthcare Industry within information privacy or security projects.
  
  
  Knowledge of:
  

  • Privacy risk concepts and principles and the relationship between business needs and privacy regulations;
  • Strategic, tactical, and project planning development and documentation;
  • Applicable security policies and practices;
  • Personally Identifiable Information (PII) inventory, information classification, and privacy threat modeling;
  • Principles of effective communication;
  • Incident response process from a privacy context;
  • Privacy and data security laws and issues;
  • Basic principles of curriculum development and training techniques;
  • English usage, style, grammar, punctuation, and spelling;
  • Information privacy or security forensic tools;
  • Privacy principles, Privacy-by-Design, phases of the Software Development Life Cycle, and related terminology, trends, and activities utilized by medium to large complex organizations;
  • Privacy impact assessment (PIA) methodology, including interviewing and identifying risks;
  • Methods of research and report preparation, writing, and presentation;
  • Current privacy technologies for data mapping;
  • Metrics that demonstrate information security control effectiveness;
  • Types and applications of data de-identification.
    
    Ability to:
    
    • Develop strategies to proactively manage implementation of enterprise-wide initiatives;
    • Vet prospective vendors for privacy compliance;
    • Plan and execute complex projects;
    • Consult on privacy, security, and compliance;
    • Lead interview sessions, PIA activities, and recommend/oversee risk remediation activities and solutions that provide the proper level of privacy protection over personal and sensitive information;
    • Troubleshoot privacy and data protection problems and identify and recommend alternative solutions;
    • Recommend corrective actions to comply with Federal and State regulations and Sentara Health Corporate policies;
    • Perform privacy impact assessments and recommend solutions that provide the proper level of privacy protection over personal and sensitive information;
    • Apply information privacy principles to business processes and information systems;
    • Communicate effectively, both orally and in writing, with people of diverse backgrounds and cultures;
    • Establish and maintain effective working relationships with those contacted in the course of work, at all levels, including colleagues, the public, and representatives of other agencies;
    • Monitor compliance with privacy policies, standards, guidelines, and procedures;
    • Prepare detailed technical reports and other documentation;
    • Work effectively with other staff;
    • Conduct privacy audits.
      Physical Requirements
      
      • May be required to work irregular hours.
        Special Requirements
        
        • Lite Travel involve.
          
          As the third-largest employer in Virginia, Sentara Health was named by Forbes Magazine as one of America's best large employers. We offer a variety of amenities to our employees, including, but not limited to:
          
          
          • Medical, Dental, and Vision Insurance
          • Paid Annual Leave, Sick Leave
          • Flexible Spending Accounts
          • Retirement funds with matching contribution
          • Supplemental insurance policies, including legal, Life Insurance and AD&D among others
          • Work Perks program including discounted movie and theme park tickets among other great deals
          • Opportunities for further advancement within our organization
            Sentara employees strive to make our communities healthier places to live. We're setting the standard for medical excellence within avibrant, creative, and highly productive workplace. For information about our employee benefits, please visit:Benefits - Sentara (sentaracareers.com)
            
            Join our team!We are committed to quality healthcare, improving health every day, and provide the opportunity for training, development, and growth!
            
            **Pay Transparency for states where Sentara Health must share this info:
            
            $100,000 - 130,000 USD/Annually
            
            keywords: Talroo-IT, Indeed, Monster, Circa, LinkedIn, "Analyst", "cybersecurity" , "CIPP", "CIPT", "CIPM"
            
            Job Summary
            
            Responsible for day-to-day support and optimization of software applications, including builds, upgrades, and system enhancements. Analyzes business / clinical needs, evaluate software releases and/or new products, and gives recommendations to optimize processes and decrease expenses. Possesses in-depth business / clinical and application knowledge and experience. Performs and documents workflow assessments to determine functional requirements for optimal utilization of applications. Develops system test plans and performs testing of software upgrades and patches. Maintains a record of test progress and test results. Responsible for problem, incident, and change management and service requests. Provides daily on-call support to the customer base for application-related issues. Works within a cross-functional team and with end-users to achieve application integration to meet business / clinical needs. Responsible for the communication of software issues, requirements, upgrades, and enhancements. Oversees smaller-sized projects or components of projects. Coordinates implementation or project planning around software application releases. Possesses a key certification(s) or other credential(s) which is determined central to the systems or applications supported.
            
            A Specialist Professional is a recognized subject matter expert in job areas typically obtained through advanced education and work experience. Responsibilities typically include: Managing large projects or processes with limited oversight from the manager. Coaching, reviewing, and delegating work to lower-level professionals. Problems faced are difficult and often complex.
            
            Experience in lieu of Bachelor's Degree
            
            8+ years of relevant experience with a degree
            
            10+ years of relevant experience without a degree
            
            Qualifications:
            
            BLD - Bachelor's Level Degree
            
            Skills
            
            Sentara Healthcare prides itself on the diversity and inclusiveness of its close to an almost 30,000-member workforce. Diversity, inclusion, and belonging is a guiding principle of the organization to ensure its workforce reflects the communities it serves.
            
            Per Clinical Laboratory Improvement Amendments (CLIA), some clinical environments require proof of education; these regulations are posted at ecfr.gov for further information. In an effort to expedite this verification requirement, we encourage you to upload your diploma or transcript at time of application.
            
            In support of our mission to improve health every day, this is a tobacco-free environment. Associated topics: attorney, attorney corporate, company, corporate, corporate attorney, counsel, court, lawyer, legal, market

Keywords: Sentara Health, Chesapeake , Lead Cybersecurity Privacy Governance Analyst, Professions , Virginia Beach, Virginia