Responsibilities Include:
- Assist with development of privacy architectures to maintain compliance with internal privacy policy and legal requirements
- Assist product delivery process in driving internal security, privacy, and relevant compliance initiatives.
- Assist with processing Privacy Impact Assessment (PIAs) and Data Protection Impact Assessments (DPIAs) and recommending practical solutions for any issues discovered.
- Receive and respond to customer inquiries about the security and privacy of our products.
- Design, develop and document risk management activities in GRC tool (OneTrust).
- Maintain data inventory and related data flow diagrams and documentation.
- Conduct privacy and security assessments on for our suppliers.
- Be a champion for data protection issues within the organization.
- Identify, support, train and engage Data Protection champions as needed.
- Assist in preparing training documentation and delivering training as needed.
- Assist in annual reviews of company policies and procedures.
- Stay up-to-date on applicable privacy laws and monitor development in privacy and information security technologies and advise team.
- Manage other regional Data Protection analysts
Qualifications:
- Interest in emerging technologies and security/privacy regulations
- Must be a critical thinker with strong problem solving skills with a good understanding of threats, vulnerabilities, risks, defenses, security principles and policies.
- Highly proficient in spoken and written English
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences including executives and business stakeholders with the ability to lead and coordinate discussions.
- Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
- B.S. Computer Science or related field, or equivalent experience
- Internationally recognized privacy certification (e.g. CIPP/US, CIPP/E, etc.), GIAC Law of Data Security & Investigations (GLEG) certifications a plus
- 6+ years of experience in security related field desired
- 3+ years of relevant professional experience