Senior Data Privacy Analyst

Primary Responsibilities: The candidate will be responsible for supporting Privacy and Compliance Strategy Planning for the Americas, which may include the following: - Conduct privacy impact assessments (PIAs) to assess and mitigate risks related to processing, transmission and storage of personally identifiable information (PII). - Maintain registry of data stores and processes that affect personal information. - Assist in developing a strategic road map to evolve the privacy program and fulfill internal and external compliance and privacy audits or assessments. - This candidate should have familiarity with North and South American privacy and data protection laws and regulations, including: o CCPA/CPRA and other US state privacy laws o Canada’s PIPEDA and Quebec’s Law 25 o Mexico’s LFPDPPP o Brazil’s LGPD - Self-starter, able to work with little supervision. - Good verbal and written communication skills are required as this position entails extensive interaction with business teams. Summary of Duties: - Assist with privacy strategic planning and implementation. - Conduct gap analyses and assessments of the privacy program. - Assist with developing a strategic roadmap to evolve the privacy program. - Enforce policies and procedures related to data. - Provide regular program status reports and metrics to management. - Assist in fulfilling internal and external program audits or assessments. - Develop and drive privacy training and awareness campaigns. - Participate in new business initiatives and product development activities to champion privacy-by-design principles and identify and escalate privacy considerations. - Ensure that business units and vendors are complying with privacy requirements and address privacy concerns. - Collaborate with and assist business units to develop corrective action plans for identified privacy compliance issues. - Continuously monitor the status and effectiveness of privacy controls. - Ensure privacy-related key risk indicators are effectively monitored to prevent an unacceptable impact on business objectives and reputation. - Update and re-evaluate the extent to which customer and employee information is collected and shared internally and externally. - Respond to data subject rights requests (DSRs). Professional Skills Requirements - Proficiency with OneTrust or similar privacy tool. - Excellent communication (verbal and written), facilitation, and interpersonal skills, including the ability to influence across all levels of an organization. - Inquisitive, adaptive, and agile learner. - A hands-on privacy practitioner with the ability to shift between operational and strategic mindsets. - Highly motivated self-started with the ability to work collaboratively and independently. - Demonstrated ability to navigate unstructured processes and to simultaneously manage responsibilities of multiple/concurrent work streams and competing demands. - Demonstrated competency in thinking strategically, analytically, conceptually, and innovatively, including the ability to synthesize and analyze data. - Ability to flourish in a challenging, fast-paced, constantly evolving environment, operate with high standards and integrity, and exhibit excellent multi-tasking skills. - Demonstrated ability to build relationships, establish trust, and form effective alliances across teams and functions to ensure optimal end-to-end delivery. - Demonstrated commitment to high quality and attention to detail. - Demonstrated ability to work cross-functionally with multiple stakeholders and competing priorities. - Must have a reliable internet connection. - Must be able to work Pacific time zone hours. Preferred Qualifications - Bachelor’s Degree in Pre-law or Computer Science related fields. - Experience in data privacy program development and management. - Privacy Certifications such as: o IAPP: CIPP/US, CIPP/C, CIPM, or CIPT o ISACA: CDPSE - Ability to obtain buy-in from key business and technology stakeholders for key data privacy initiatives. - Strong program and/or project management skillset with proven experience managing concurrent initiatives. - Demonstrated ability to understand and articulate the complexity of business. processes, and build/develop practical communications plans based upon those needs. - Prior consulting experience in data protection.