Search Jobs
Find your next opportunity today.
Prosum
https://prosum3.wpengine.com/wp-content/uploads/2020/03/JB-Square-200x200-1.png
https://www.prosum.com
https://www.prosum.com
true
Information Compliance Contractor
1 LMU Drive Remote, CA 90045 US
Job Description
Information Compliance Contractor
Pay Range: $65/hour to $76.50/hour
Our client is seeking an experienced Data Privacy & Compliance Consultant to support its ongoing efforts in (1) assessing and enhancing compliance with data protection regulations and (2) strengthening its Disaster Recovery readiness.
This role will work under the direction of the Director of Information Security and Compliance and in collaboration with the ITS department to evaluate the organization’s adherence to privacy laws, identify sensitive data assets, and develop a strategic roadmap for risk reduction. The consultant will lead a cross-departmental data discovery initiative and assess current control effectiveness for sensitive and regulated data in alignment with FERPA, GLBA, HIPAA, GDPR, and, optionally, PCI DSS.
The Contractor will also assess the organization’s DR capabilities, identify gaps and organize tabletop exercises and a full recovery test.
Scope of Work:
The Contractor will work with the CIO and the ISO team and other ITS team members and campus stakeholders to mature and manage the key areas of the ISO including:
Â
Â
Pay Range: $65/hour to $76.50/hour
Our client is seeking an experienced Data Privacy & Compliance Consultant to support its ongoing efforts in (1) assessing and enhancing compliance with data protection regulations and (2) strengthening its Disaster Recovery readiness.
This role will work under the direction of the Director of Information Security and Compliance and in collaboration with the ITS department to evaluate the organization’s adherence to privacy laws, identify sensitive data assets, and develop a strategic roadmap for risk reduction. The consultant will lead a cross-departmental data discovery initiative and assess current control effectiveness for sensitive and regulated data in alignment with FERPA, GLBA, HIPAA, GDPR, and, optionally, PCI DSS.
The Contractor will also assess the organization’s DR capabilities, identify gaps and organize tabletop exercises and a full recovery test.
Scope of Work:
The Contractor will work with the CIO and the ISO team and other ITS team members and campus stakeholders to mature and manage the key areas of the ISO including:
- Regulatory Compliance
- Lead the data discovery process to identify and map sensitive and regulated data across all departments and data systems.
- Categorize data types and classify them according to sensitivity, regulatory scope, and business criticality.
- Evaluate the organization’s current alignment with FERPA, GLBA, HIPAA, GDPR, and optionally PCI DSS.
- Assess current administrative, technical, and physical controls in place to protect sensitive data
- Identify gaps in compliance or control maturity and develop a remediation roadmap with prioritized actions.
- Collaborate closely with ITS, Legal, Risk Management, and departmental stakeholders to gather requirements and validate findings.
- Deliver an assessment report with detailed gap analysis and prioritized recommendations to remediate gaps
- Provide guidance on best practices for data minimization, retention, and classification.
- Support the reboot of the client’s Data Governance and Privacy Working Groups with input and alignment recommendations.
- Document policies and procedures or recommend updates where necessary.
- Assist in preparing summary reports and presentations for senior leadership and auditors.
- Disaster Recovery
- Facilitate updates to the organization’s Disaster Recovery (DR) plans and procedures
- Perform a tabletop exercise of their BC/DR plan/procedures
- Develop a prioritized action plan based on tabletop exercise findings
- Plan and facilitate a full recovery of DR Data and Systems (Summer 2025)
- Policy Update
- Propose updates to the organization’s Privacy policies to be consistent with industry and regulatory requirements
- Propose updates to the organization’s Security policies to be consistent with industry and regulatory requirements
- 7+ years of experience in DR, privacy, data protection, or information security compliance roles.
- Strong knowledge of FERPA, GLBA, HIPAA, GDPR, and general principles of U.S. and international privacy law.
- Hands-on experience with data discovery and classification tools or processes.
- Prior experience in a higher education environment is highly desirable.
- Ability to interpret regulations and apply them to complex institutional environments.
- Experience working cross-functionally with IT, legal, and business teams.
- Strong leadership, organization, and project management skills.
- Excellent written and verbal communication skills, especially in presenting findings to non-technical audiences.
- Highly organized, self-motivated, and results-oriented.
- Privacy certifications such as CIPM, CIPP-US, CIPP-E, or similar.
- Familiarity with PCI DSS and/or experience in payment data environments.
- Experience supporting or leading data governance programs.
- Experience in policy development, risk assessment, or compliance audits.
- Understanding of cloud environments and third-party risk.
- The contractor will report directly to the Director of Information Security and Compliance and provide regular progress updates.
- The contractor will participate in weekly meetings with the ITS team and provide status reports as required.
Â
Â
