GRC COMPLIANCE ANALYST

Location: 901 Corporate Center Dr., Raleigh, NC 27607
Duration: 6+ Months
Interview: Webcam Interview Only
Work Arrangement: Hybrid (Onsite once per week required)

POSITION OVERVIEW

The North Carolina Administrative Office of the Courts (NCAOC) seeks a motivated, strategic Security Specialist (Privacy Officer) to lead business process re-engineering with an emphasis on data protection, security, and privacy compliance. This role involves strategic planning, ongoing compliance assessments, and cross-functional collaboration, reporting directly to the Risk Management Officer.

REQUIRED SKILLS & EXPERIENCE

• Minimum 3 years’ experience with each of the following:
• Governance Risk and Compliance (GRC) tools
• Incident response procedures
• Information Technology auditing or highly regulated environments
• Implementing compliance in matrixed/complex information system environments
• Legal compliance with cybersecurity and privacy laws
• Complex standards such as HIPAA, NIST 800-53 r4+, CJI guidelines
• Excellent written/oral communication skills
• Demonstrated strategic planning/project management
• Comfortable in individual and group presentation settings
• Diplomacy, discretion, and problem/conflict resolution in confidential matters
• Proficient in Microsoft Office (Word, Excel, PowerPoint, Outlook); comfortable with various data platforms

PREFERRED QUALIFICATIONS

• Bachelor’s degree in Political Science, Law (JD), Communications, Computer Science, Engineering, Information Assurance, or equivalent experience
• One or more of the following certifications (or working toward):
• Certified Information System Auditor (CISA)
• Certified Information Privacy Manager (CIPM)
• Certified Information Privacy Professional (CIPP)
• Knowledge of Privacy Act of 1974 and related state/federal laws and guidelines
  Job Type: Contract
  Pay: $45.00 - $55.00 per hour
  Expected hours: 40 per week

Schedule:

• 8 hour shift

Application Question(s):

• Must attend an in-person interview (mandatory)
• Please share Linkedin URL

License/Certification:

• Certified Information System Auditor (CISA) (Required)
• Certified Information Privacy Professional (CIPP) (Required)
• Certified Information Privacy Manager (CIPM) (Preferred)

Location:

• Raleigh, NC 27607 (Required)

Work Location: In perso

• Develop and maintain compliance programs for AOC Security & Privacy policies, procedures, state and federal laws.
• Analyze and evaluate effectiveness of Information Security and Privacy programs.
• Conduct program audits and report levels of compliance.
• Draft and maintain agency-wide policies and guidelines to ensure least-privilege data access.
• Enforce data privacy requirements and legal mandates.
• Foster privacy awareness agency-wide; collaborate with IT, Legal, HR, and other agencies.
• Develop/implement corrective action plans resulting from audits.
• Train staff on privacy issues.
• Assess programs to ensure minimum necessary data disclosure for third-party functions.
• Periodically conduct privacy risk assessments and compliance audits.
• Investigate and resolve privacy-related incidents and complaints.