Cyber Security and Data Privacy Architect

Cyber Security and Data Privacy Architect

Job Title: Cyber Security and Data Privacy Architect

Location: Remote

Job Category: Information Technology

Northstar Travel Group is seeking a Cyber Security and Data Privacy Architect.  The Cyber Security and Data Privacy Architect (“the Architect”) will protect Company systems and

information and assure business continuity by taking steps to mitigate the risks associated with collecting, storing, and transmitting data. The Architect will implement security measures that help prevent security breaches as well as analyze and mitigate any potential breaches, ensuring privacy, and against the loss of data.

The Architect will provide solutions to protect the company from a constantly evolving hostile

environment of cybercrimes and cybercriminals, intent on causing harm through service

interruptions, identity and financial theft, and unauthorized use of company information, Intellectual Properties, and communication channels. This position will work closely with and

informs Information Technology, Software Engineering, Audience Development, Marketing, and other cross functional departments of industry trends, data protection regulations and best practices in protecting the organization.

 

This is a remote position and is open to candidates based in the United States.  

 

Responsibilities:

Information Security

  • Provide direction for Northstar’s data and cybersecurity protection and oversee Technology governance and policies
  • Oversee and improve existing security strategies, awareness programs, architecture, and incident response. Identify and close gaps in these areas. Provide strategic risk guidance for IT projects, including evaluation and recommendation of technical controls
  • Educate IT, Engineering, Audience Development, Marketing and other cross functional departments on appropriate security risk and mitigation strategies
  • Execute internal and coordinate external audits to ensure organization protection measures are in compliance with relevant laws, regulations and policies
  • Develop and maintain up-to-date security policies, standards and guidelines. Effectively disseminate such directives to the Northstar community.
  • Evaluate new and evolving cybersecurity threats and IT trends and develop effective security controls with a cross functional team
  • Evaluate potential security breaches, coordinate response, and recommend corrective actions
  • Develop and oversee effective disaster recovery policies and standards to align with company business continuity management program goals
  • Protect systems by defining access privileges and control structures          
  • Document and report data security violations
  • Organize and conduct periodic vulnerability tests and “ethical hacks” of the existing security architecture; report on results and find resolution to open issues
  • Monitor the network and provide early warning of abnormalities or problems.
  • Upgrade system by implementing and maintaining security controls.
  • Oversee and review vendor, client, and related contracts across the organization to assure security compliance

Data Privacy Regulations

  • Maintain, review and develop as needed data privacy standards, procedures and policies to protect company and customer data
  • Work closely with other cross functional departments and lead Data Privacy initiatives and related communications
  • Monitor, advise and align organization with regards to evolving Data Privacy and data protection laws
  • Review and create policies that enforce compliance with legislation and deliver Data Privacy trainings across the organization to increase data privacy and protection measures
  • Perform routine audits and recommend changes to procedures to comply with data privacy regulations
  • Serve as Northstar’s Data Privacy Officer
  • Other duties and responsibilities as assigned

 

Required Knowledge, Skills, Abilities and Experience

  • At least five years of experience in system support along with commensurate experience monitoring security risks and protocols
  • Strong analytic and problem-solving skills
  • Strong technical documentation skills and fundamental knowledge of networks, ports, protocols, and infrastructure setup and data storage
  • Proven knowledge of international and national data protection laws
  • Knowledge of information security standards, regulations, and laws including PCI, FERPA, HIPAA, OWASP, and NIST 800 series
  • Experience presenting complex security concepts to a variety of stakeholders and audience (e.g. end-user training, recommendations to IT peers, executive-level briefings)
  • Availability and flexibility to work on-call in the event of a disaster recovery, security breach or other emergency]
  • Experience in creating and maintaining management schedules to ensure on-time delivery of information security projects

 

Formal Education or Equivalent:

  • BA/BS degree in system administration, network security, network administration or equivalent training and work experience
  • Certificate in appropriate area a plus (e.g. CISSP, CIPT, CISM, etc)

           

Please send your cover letter with compensation requirements and your resume to [email protected]   We offer a competitive compensation package, strong benefits and a dynamic and exciting culture. 

All Northstar employees are required to be fully vaccinated against COVID-19 and demonstrate documentation toward the same.

At Northstar we are laser focused on diversity. We embrace, value and champion our employees’ diverse backgrounds and experiences that make them unique. We understand that cultivating a culture of diversity and inclusion will make us stronger. We are a proud equal opportunity employer.