CDM Smith is seeking a Senior Data Privacy and IT Compliance Specialist to join our Corporate Business Technology team. This role is critical in safeguarding our information assets and ensuring compliance with data privacy regulations and IT security standards. You will lead third-party risk assessments, support IT General Controls (ITGC) operations, and contribute to the development and maintenance of privacy and compliance programs.

Key Responsibilities include:

Third-Party Risk Management
• Conduct and manage end-to-end vendor security risk assessments.
• Review third-party security documentation (e.g., SOC 2 reports, ISO 27001 certifications).
• Evaluate client security exhibits and ensure compliance with contractual requirements.
• Assess new software for security and privacy risks and recommend appropriate contract terms.

Internal Risk & Compliance
• Perform internal information risk classification and maintain inventories of sensitive data.
• Support ITGC assessments and compliance operations.
• Review Power BI dashboard requests for data privacy and security risks.

Policy, Training & Awareness
• Assist in developing and updating privacy and compliance policies, procedures, and training materials.
• Deliver training and awareness sessions to internal teams and external partners.
Contract & Legal Support
• Collaborate with legal and procurement teams to review and draft data protection clauses in vendor agreements.

Audit & Client Support
• Coordinate with internal and external auditors during compliance reviews.
• Complete security questionnaires for prospective and existing clients.

• Perform other duties as assigned.


#LI-LP1
#LI-REMOTE