Who are we?
TEKsystems' unmatched success in the IT Staffing & Services marketplace is driven by one thing - our employees. Consistently recognized as a top workplace, every year we deploy over 80,000 IT professionals at 6,000 client sites across North America, Europe and Asia. Our deep insights into the IT labor market enable us to help clients achieve their business goals-while optimizing their IT workforce strategies. TEKsystems® is seeking team members who believe in striving for excellence through serving others, building strong business relationships, giving and receiving open and honest feedback, and driving for results with the highest integrity.
The Privacy Analyst I provides support and guidance in the three core functions of Data Subject Request Response, Privacy Guidance, and Day to Day operations for TEKsystems (TEK). The first of these functions is providing guidance in the identification, investigation and resolution of data subject requests and connecting with various business units in order to accurately and succinctly respond to such requests. The second is providing guidance and support in the team's prevention and handling of incidents and mitigating the insider threat risk that may include making recommendations and involvement in the implementation of new security solutions and training for our consultants. In addition, the Privacy Analyst will be responsible for creating assessments as they relate to the consultant/client environment and in accordance with changes in local or federal law and providing updates to leadership. The third is managing the team's participation in the day-to-day operations of data security language review and creation within contracts, request for proposals and master service agreements and providing support to ISAs as needed throughout the review process. The role is expected to be fully aware of the enterprise's privacy and security goals, working in tandem with the Allegis Group Privacy Department, as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals. In addition, the Privacy Analyst will be responsible for the implementation and administration of the records retention policy in conjunction with the TEK-wide data inventory assessment. Both of these projects will require analysis of the information held by TEK and follow-up on its retention and use.
- Lead investigations and be the point person regarding security incidents involving consultants and clients. This will involve interacting with executive TEK leadership as well as executive leadership at the client as needed.
- Develop data security incident details to be communicated to TEK leadership, staff, partners, clients and stakeholders.
- Review all training related materials regarding information security to evaluate in terms of best practices for consultants.
- Participate in contract review/negotiations on information security with TEK departments. Provide training and guidance in conjunction with the legal department on these topics periodically.
- Coordinate associated security and privacy activities with contractor on-boarding as well as end of assignment/de-provisioning steps.
- Assist in tracking effort solution regarding a semi-automated data security training audit.
- Participate in the design and execution of potential client vulnerability assessments, penetration tests and security audits as required to understand the landscape of the client.
- Update and maintain TEK's reference materials and training regarding HIPAA compliance and BAA review and negotiation.
- Assist in implementing and enforcing data retention policies and processes.
- Participate and assist in TEK-wide data mapping exercise and response coordination.
- Partner with TGS and ensure the security scope is accurate for the all solutions deployed by TGS and that the solution is effective such as secure file transfer, ISO 27001 and/or SSAE16 certification and information security and privacy training for certain contractors and internal employees.
- Maintain up-to-date detailed knowledge of privacy regulations and the associated political climate in relation to the drafting and implementation of new privacy law.
- Collaborate with Allegis Group IS leadership and human resources to establish and maintain a system for ensuring that security and privacy policies are met.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
Strategy & Planning
- Promote and oversee strategic security relationships between TEK and clients, including government and commercial clients.
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the TEK Information Security Business Officer (ISBO).
- Participate in the planning and design of localized Business Continuity Plans under the direction of the ISBO.
- Participate as a member of the TEK security team in governance processes of the organization's security strategies.
- In conjunction with Allegis Group IS and independently as needed, provide resolution to security problems in a cost-effective manner.
- Develop, implement, maintain and oversee enforcement of policies, procedures and associated plans for system security administration and user system access based on industry-standard best practices.
- Remain informed on trends and issues in the security and privacy industry, including current and emerging technologies. Advise local leadership teams and consultants on their relative importance and financial impact.
Formal Education & Certification
- Bachelor's degree in the field of information services, information technology, information systems, business administration paralegal studies, or political science.
- Certifications such as ITILv3/CompTIA and security-related, or CIPP/US, CIPM, and other privacy-related are preferred but not required.
Knowledge & Experience
- 2 years' experience working in the IS or privacy industry
- Ability to respond to incidents, perform analysis tasks, and communicate effectively with your constituency and other external contacts.
- Competent problem solver, must easily adapt to change and be effective in daily activities
- Experience in planning and executing security policies and standards development.
- Knowledge of technology environments, including information security, building security and defense solutions.
- Detailed knowledge of technology efforts regarding IS internal controls, risk management, information security, legal, contractual and litigation concerns, especially as they relate to the General Data Protection Regulation (GDPR)regarding electronically stored data and data mapping.
- Substantial exposure and broad understanding of security hardware platforms, enterprise software applications and outsourced systems.
- Good understanding of computer systems characteristics, features and integration capabilities.
- Understanding of project management principles.
- In-depth knowledge of applicable laws and regulations as they relate to security and privacy.
- Ability to set and manage priorities judiciously and independently.
- Excellent written and oral communication skills.
- Excellent interpersonal skills.
- Strong negotiating skills.
- Ability to present ideas in business-friendly and user-friendly language.
- Exceptionally self-motivated and directed.
- Keen attention to detail.
- Superior analytical, evaluative and problem-solving abilities.
- Exceptional service orientation.
- Ability to motivate in a team-oriented, collaborative environment.
- Ability to understand and align with TEKsystems core values: Relationships, Commitment, Open Communication and Serving Others