Job Title: Business & Process / Improvement Analyst IV / Privacy Analyst
Location: Folsom, CA
Duration: 6 Months (Strong Possibility of Extension)
Client's Privacy Office is responsible for defining and driving Client's corporate-wide privacy compliance program. Our vision is about keeping the trust as Client shifts into new data intensive markets. The Privacy Operations team works with all the businesses within Client and focuses on incident response, inquiry management, privacy risk assessments and making it easy for new programs or products to find resources about protecting personal information. The privacy analyst will be responsible for evaluating privacy impacts and driving mitigation strategies and decisions to ensure Client is compliant with global data protection laws. This includes, but is not limited to, business process, data management, and technology analysis driving mitigation options and/or effectiveness of controls influencing tactical and strategic direction and effectively partnering with business units to enable Client's compliance.
- Conduct privacy assessments of business processes and practices, products and services- Analyze and interpret privacy-related legislation and regulatory requirements and driving updates/decisions for internal policies and/or guidelines
- Provide subject matter expertise in the area of privacy and security, keeping abreast of new developments and best practices
- Bachelor's Degree with 4+ years’ experience or Master's Degree with 3+ year’s related experience and demonstrated accomplishments in privacy, risk management, and business management.
- An in-depth understanding of information security and privacy policies, principles and technologies knowledge of applicable privacy laws and common risk frameworks.
- Ability to influence using insight, logic, and data to effectively persuade partners or customers on recommendation or course of action.
- Ability to skillfully navigate around obstacles and ambiguity.
- Demonstrated articulations of issues to both technical and non-technical audiences. Actively listens to peers, partners, customers, stakeholders, etc.
- CIPP certification and/or CISSP preferred.