A distinguished University in Los Angeles is looking for a Data Compliance Consultant to join the Information Security Office to support its ongoing efforts in (1) assessing and enhancing compliance with data protection regulations and (2) strengthening its Disaster Recovery readiness. This role will work under the direction of the Director of Information Security and Compliance and in collaboration with the ITS department to evaluate the University's adherence to privacy laws, identify sensitive data assets, and develop a strategic roadmap for risk reduction. The consultant will lead a cross-departmental data discovery initiative and assess current control effectiveness for sensitive and regulated data in alignment with FERPA, GLBA, HIPAA, GDPR, and, optionally, PCI DSS. The Contractor will also assess data regulation capabilities, identify gaps and organize tabletop exercises and a full recovery test.
Working closely with ITS, Legal, Risk Management, and departmental stakeholders to gather requirements and validate findings, this person will lead the data discovery process to identify and map sensitive and regulated data across all departments and data systems. As they meet with departmental stakeholders this person will create an inventory that categorizes data types and classifies them according to sensitivity, regulatory scope, and business criticality. During this process they will evaluate current alignment with FERPA, GLBA, HIPAA, GDPR, and optionally PCI DSS and assess identify gaps in compliance or control maturity and develop a remediation roadmap with prioritized actions. Within the first phase of this role they will deliver an assessment report with detailed gap analysis and prioritized recommendations to remediate gaps.
Lastly, they will support the following responsivities regarding disaster recovery and policy updates:
o Disaster Recovery
Facilitate updates to Disaster Recovery (DR) plans and procedures
Develop a prioritized action plan based on tabletop exercise findings
Plan and facilitate a full recovery of DR Data and Systems (Summer 2025)
o Policy Update - Propose updates to Privacy policies and security policies.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
-5+ years of experience working with data governance or data compliance
-Knowledgeable about regulatory standards such as FERPA, GLBA, HIPAA, GDPR, and general principles of U.S. and international privacy law
-Skilled in data discovery and assessment reporting as well as providing guidance on best practices regarding data governance and policy
-Prior experience in a higher education environment is highly desirable
-GRC - Governors Risk Compliance tools
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.