CyberSecurity Data Specialist

Job Title: Security Data Specialist

Location: Arlington VA

Job Type: Full-Time

Summary

The Security Data Specialist will be responsible for ensuring our organization adheres to cybersecurity regulations maintains robust security policies and fosters a culture of security awareness. The ideal candidate will have a strong understanding of regulatory frameworks such as PCI-DSS HIPAA NIST CSF2.0 p and will be instrumental in maturing our cybersecurity posture

Key Responsibilities:

• Develop and implement a comprehensive cybersecurity awareness training program.

• Draft review and update cybersecurity policies standards and procedures to align with industry best practices and regulatory requirements.
• Ensure policies are communicated effectively across the organization and integrated into operational practices.

• Monitor and ensure compliance with applicable cybersecurity regulations including PCI-DSS HIPAA and privacy laws.
• Support compliance initiatives TSA U.S. CAT X Airport cybersecurity mandates.

• Ensure third-party contractors and vendors comply with organizational cybersecurity policies and standards.
• Conduct periodic reviews and assessments of third-party cybersecurity practices.

• Represent cybersecurity in IT and business projects to ensure security requirements are identified and integrated throughout the project lifecycle.

• Serve as the primary liaison for internal and external cybersecurity audits and track audit findings and ensure timely resolution.

• Evaluate existing cybersecurity processes and procedures for effectiveness and efficiency.
• Recommend and implement improvements to enhance security operations and compliance.

• Develop manage and deliver cybersecurity awareness training programs for employees and contractors.

• Foster a culture of cybersecurity awareness and responsibility within the organization including the tracking and reporting on key performance indicators (KPIs).

General Experience:

• Knowledge of planning design implementation and monitoring of security measures policies methods and procedures which safeguard the integrity of and access to enterprise systems files and data elements.
• Knowledge of changing technologies and provide recommendations for the adoption of new technologies or policies.
• Able to recognize and identify potential areas where existing data security policies and procedures require change or where new ones need to be developed.
• Able to manage risk assessments and security briefings to advise them of critical issues that may affect customer or corporate security objectives.

Qualifications:

• Bachelors degree in Cybersecurity Information Technology Education or a related field.
• Minimum of 5 years of experience in cybersecurity with a focus on frameworks policies and training and awareness programs.
• Strong knowledge of cybersecurity principles threats and best practices.
• Excellent communication and presentation skills.
• Experience with e-learning platforms and training software.
• Ability to work independently and as part of a team.
• Strong organizational and project management skills.
• Relevant certifications (e.g. CISSP CISM CISA CompTIA Security) are a plus.

Work Hours/Period of Performance:

Contract staff must be available to work on-site Monday through Thursday between the hours of 8:00am 5:00pm. Services will be provided for 11.5 weeks.