Data Security Consultant

Data Security Consultant
CT, Stamford

Job Description


GDPR Information/Data Security Consultant

Location: Stamford, Connecticut

Duration: Six to Eight Months

Job Description:

The Data Security Consultant will be responsible for supporting the implementation of client's global data privacy initiatives which includes, activities related to development of data privacy policies and practices required to meet GDPR compliance.

The role of the Data Security Consultant is to work closely with the designated Data Privacy Program Manager, Information Security and Legal Affairs departments in the implementation of data security controls, development of new policies, processes, guidelines and standards. It is also the responsibility of the Data Security Consultant to work with internal and external stakeholders in supporting client’s data privacy posture.

The successful candidate will have experience and knowledge in Information Security and concepts relating to data management, data security, Secure Software Design Life Cycle (S-SDLC), application and system management and security operations (SecOps).

Primary Responsibilities:

  • Work with client’s global privacy team to develop and ensure consistent application of data privacy policies and practices.
  • Provide and support client’s GDPR compliance initiative, including short and long term goals.
  • Assist in developing and maintaining client’s privacy compliance program.
  • Perform data privacy interviews with internal stakeholders on relevant data flows and mappings.
  • Partner with internal clients to implement privacy and security by design, including assisting in identifying and documenting gaps associated with compliance (i.e. GDPR) risks.
  • Support and assist with the global GDPR awareness and guidance training program.
  • Provide administrative support for project team(s) for compliance initiatives.
  • Identify and assess data compliance and data processing risks and opportunities, work collaboratively with all stakeholders to develop and implement appropriate mitigation strategies.
  • Identify and communicate information security, compliance and other security issues to internal stakeholders.
  • Work with the Information Security and Enterprise Technology departments to implement new policies, procedures and technologies in support of the company’s data security posture.
  • Test established data security controls for effectiveness and efficiency.
  • Participate and support a Privacy Impact Analysis (PIA).


  • Four year degree in computer science or related combined work/education experience.
  • Three to five years of experience in information security compliance programs.
  • Certified Information System Auditor (CISA) a plus.
  • Knowledge in Microsoft Windows Server file permissions and Active Directory Services (ADS).
  • Knowledge in IT Infrastructure, Data Management and Data Management Technologies.
  • Experience working within a global, IT organization.
  • Understanding of applications, databases and data flows, including knowledge of SDLC.
  • Ability to analyze complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner.
  • Experience with NIST and ISO/IEC 27001 frameworks and audits.
  • Practical experience in implementing security policies, procedures and technologies.
  • Familiarity with European Data Privacy requirements (e.g. GDPR) a plus.
  • Strong verbal and written communication skills.
  • Excellent interpersonal skills.
  • Strong attention to detail, well-organized, and able to manage time efficiently.
  • Team player with ability to deal effectively with individuals at all levels.
  • High degree of initiative requiring little or no supervision, sound judgment, and the ability to prioritize assignments, solve problems, and meet deadlines.
  • Ability to produce high-quality work in a timely fashion in a fast-paced environment.

Please email resume to

Apply Now