Privacy Analyst

Prudent Technologies and Consulting
Grapevine, TX
30 Nov 2024

Vacancy expired!

PRIVACY ANALYST

  • Salary: $120-125k + 3% bonus; salary slightly negotiable
  • No H1 sponsorship available
  • Located in Grapevine, TX
  • If not in the DFW area, relocation is 100% paid by the client. Must relocate within 9 months of starting.

Mandatory Skills: one trust tool, NIST privacy network , SOC, privacy tools, regulations GDPR, vendor onboarding, data mapping, cookie management, security controls This position will support the Manager, Security and Privacy in developing and maintaining a comprehensive enterprise-wide privacy program. The Privacy Analyst will lead several efforts pertaining to privacy governance, data collection practices, and administrative security. The Privacy Analyst will also be responsible for supporting privacy-related procurement and overseeing vendor management activities. This role will be tasked with the following responsibilities/duties, all in accordance with applicable Federal, State, and local laws / regulations as well as ratified policies, procedures, and guidelines:
  • Serving as a point of contact for all privacy and compliance activities.
  • Coordinating with 3rd party auditors, assessors, and business managers to ensure timely and successful completion of audits
  • Coordinate with vendor management to analyze and attest to the adequacy of control measures in place with third party partners by reviewing SOC I and SOC II reports or equivalent supporting due diligence documentation.
  • Serving as a subject matter expert (SME) on data management and privacy standards such as NIST Privacy Framework, FIPS-199, framework standards NIST CSF, 800-53A, and ISO-27000; as well as regulations NYDFS, CCPA, CPRA, CDPA, GDPR, and FISMA.
  • Creating and maintaining internal documentation repositories for all compliance activities.
  • Reviewing documentation and artifacts related to compliance activities.
  • Assisting architects in data mapping & data classification.
  • Conduct data & privacy impact analysis for legacy & new enterprise applications.
  • Creating, maintaining, and enhancing the privacy program, partnering with various departments in continuous policy development and maintenance related to Privacy concerns and as well as overseeing and executing compliance and advocacy enhancement initiatives.
  • Supporting privacy training programs and related strategic outreach and communication efforts.
  • Support the management and maintenance of Vendor Risk Management policies, procedures, and programs with a focus on maintaining Information Security and Privacy Management standards and policy objectives.
  • Partner with “third-party” relationship owners and the Contract and Vendor Management Office to help ensure that third-party selection and management processes are consistently followed by adhering to due diligence and compliance standards for current and prospective vendors.
  • Providing analysis to internal teams affected by new laws and regulations.
  • Participating in the identification and rollout of scalable technologies to support global privacy compliance, including developing usage policies and guidelines, as well as audit and control processes.
  • Other duties as assigned by management.
MINIMUM QUALIFICATIONS:
  • Bachelor’s degree preferred.
  • At least 3 years of privacy experience.
  • Certifications such as CIPP, CIPM, CIPT, CISA, CRISC strongly preferred.
  • Strong understanding of U.S. privacy and security regulations.
  • Understanding of “role-based access” and “segregation of duties” protocols.
  • Strong business acumen with the ability to assess risk across a wide range of operational processes.
  • Experience with privacy program management tools.
  • Intermediate Microsoft Office skills including but not limited to: Word, Excel, and PowerPoint
  • ID: #23653658
  • State: Texas Grapevine 76051 Grapevine USA
  • City: Grapevine
  • Salary: $120,000+
  • Job type: Permanent
  • Showed: 2021-11-30
  • Deadline: 2022-01-28
  • Category: Security