Senior Data Privacy Analyst

Job Overview
Our client in the Bridgewater area of NJ has an excellent opportunity for a Senior Data Privacy Analyst!   
 

Responsibilities:

  • Maintain, develop and implement the Privacy Management Program and its resulting privacy policies, procedures and documentation.
  • Review and update policies and procedures for customers, employees and data breach incident response, ensuring alignment with the implementation of personal data processing activities.
  • Maintain an inventory of all personal data stored and data processing activities, including how and why the company collects, shares and uses personal data.
  • Work with the Contracts, Vendor Management and Compliance departments to ensure that third-party suppliers’ contracts and operating-level agreements meet international privacy requirements.
  • Provide support for communications with regulatory authorities and the public concerning privacy issues, including processing data subjects’ requests.
  • Determine the enterprise’s specific privacy-related requirements and potential vulnerabilities.
  • Manage the privacy impact assessment process, in close collaboration with business stakeholders.
  • Conduct regular privacy policy compliance assessments to ensure that business units, technology teams and third party service providers adhere to the program requirements, and address privacy concerns.
  • Collaborate with and assist business units and technology areas to develop corrective action plans for identified privacy compliance issues.
  • Receive and manage internal reports from business stakeholders to maintain control over all project and innovative initiatives, including change management, to ensure timely attention for privacy concerns.
  • Continuously monitor the status and effectiveness of privacy controls across service offerings, ensuring that privacy-related key risk indicators are effectively monitored.
  • Continuously update and re-evaluate the extent to which customer and employee information is collected and shared internally and externally.
  • Work to integrate controls within specific HR and CRM business and IT processes, and interpret privacy policy related requirements.
  • Conduct or oversee privacy awareness campaigns, training and orientation for all employees.
  • Support investigations of privacy and security incidents, and coordinate responses to emergencies and other potentially damaging events.
  • Work with the Head of Information Security, IT and business stakeholders to define metrics and reporting strategies that effectively communicate risks, successes and progress of the Privacy Management Program.
  • Stay current on technology trends and regulatory requirements.

 

Requirements:

  • Bachelor Degree in Business Administration, Information Systems, Law, Finance, Accounting, Computer Science, CyberSecurity or a related discipline is required.
  • At least 3 years’ experience as a Data Privacy Analyst, Information Security Risk and Compliance Analyst, or comparable role.
  • Experience developing and maintaining policies, procedures, standards and guidelines.
  • Experience with third-party assessments and cloud risk assessment methodologies.
  • Familiarity or experience with GDPR, CCPA, SSAE18 SOC 2, ISO, NIST, PCI, HIPAA, GLBA and SOX standards and compliance assessments.
  • Familiarity and experience with cloud computing, online services, web and enterprise applications, and data analytics.
  • Experience with data discovery, data mapping, authorization and access management, and pseudonymization technologies.
  • Certifications in one or more areas or willingness to obtain: CIPP, CIPM, CIPT, CISSP, CISM, CISA, CRISC, or comparable.
  • Experience working in a heavily regulated and/or audited environment.
  • A deep working knowledge of state, federal and international privacy laws, regulations and industry best practices.
  • Knowledge of the privacy aspects of the product development life cycle, data handling and asset classification, and knowledge of the role of a privacy professional in ensuring that customer data is properly managed.
  • Apply strong working knowledge of US and Global privacy practices (strategies, controls, and analysis), and effectively report and communicate with senior level stakeholders.
  • Ability to articulate the importance of customer privacy. Comfort with promoting privacy up and down the management chain, including audiences who have varying levels of familiarity with the topic.
  • Ability to maintain proper documentation, relevant records and archives in an orderly, transparent fashion.
  • Coordination of company-wide awareness and training.
  • Familiarity with governance, risk and compliance (GRC) tools and how they can be used to support privacy-related GRC activities.
  • Ability to understand business process flows and to provide recommendations for operationalizing compliance requirements.
  • Strong analytical and problem resolution skills. Sound business judgment, with the ability to think strategically and give practical advice by balancing business needs with legal risks.
  • Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors, IT staff, business personnel and customers.
  • Ability to work well under minimal supervision.
  • Strong project management skills and experience in creating and managing project plans.
Job Detail
Shortlist Never pay anyone for job application test or interview.