Job Details

ID #17216517
State Texas
City Grapevine
Job type Contract
Salary USD $40+ 40+
Source Prudent Technologies and Consulting
Showed 2021-07-24
Date 2021-07-16
Deadline 2021-09-14
Category Et cetera
Create resume

Privacy Analyst

Texas, Grapevine, 76051 Grapevine USA

Vacancy expired!

PRIVACY ANALYST

  • Grapevine, TX (role is onsite)
  • 6 month Contract to Hire
  • No sponsorship given at this time. Must be able to work for any employer in the US without current or future sponsorship needs.
  • Pay range: $40-45/hr before converting to permanent employee
If you are interested in this opportunity, please apply here or email your resume directly to Brittany at This position will support the Manager, Security and Privacy in developing and maintaining a comprehensive enterprise-wide privacy program. The Privacy Analyst will lead several efforts pertaining to privacy governance, data collection practices, and administrative security. The Privacy Analyst will also be responsible for supporting privacy-related procurement and overseeing vendor management activities. The Privacy Analyst will be tasked with the following responsibilities/duties, all in accordance with applicable Federal, State and local laws / regulations as well as ratified company policies, procedures, and guidelines:
  • Serving as the central point of contact for all privacy and compliance activities.
  • Coordinating with 3rd party auditors and assessors to ensure timely and successful completion of audits.
  • Serving as a subject matter expert (SME) on controls standards such as NIST Privacy Framework, CSF, 800-53, and 800-171; as well as regulations such as NYDFS, CCPA, CPRA, CDPA, GDPR, FedRAMP and FISMA.
  • Creating and maintaining internal documentation repositories for all compliance activities.
  • Reviewing documentation and artifacts related to compliance activities.
  • Creating, maintaining, and enhancing the KNA privacy program, partnering with various departments in continuous policy development and maintenance related to Privacy concerns and as well as overseeing and executing compliance and advocacy enhancement initiatives.
  • Supporting privacy training programs and related strategic outreach and communication efforts.
  • Support the development and implementation of Vendor Risk Management policies, procedures, and programs with a focus on maintaining Information Security and Privacy Management standards and policy objectives.
  • Partner with “third-party” relationship owners and the CMO/VMO to help ensure that third-party selection and management processes are consistently followed by adhering to due diligence and compliance standards for current and prospective vendors.
  • Coordinate with Security and IT department managers to analyze and attest to the adequacy of control measures in place with third-party partners by reviewing SOC I and SOC II reports or equivalent supporting documentation.
  • Promote and practice strong collaboration with business units in the areas of vendor risk from an implementation, assessment, and training perspective.
  • Assisting in regulatory reviews, data protection audits, and privacy reviews
  • Communicating with internal teams affected by new laws and regulations and monitors to assure that necessary changes to policies and procedures are made.
  • Serving as an internal expert resource for privacy compliance.
  • Managing identification and rollout of scalable technologies to support global privacy compliance, including developing usage policies and guidelines, as well as audit and control processes.
  • Execute data mapping & data classification exercises in conjunction with company departments and data owners.
  • Conduct authorization/ privilege audits for roles and accounts within vital legacy and new enterprise applications.
  • Conduct data & privacy impact analysis for legacy & new enterprise applications.
  • Performing other similar duties as assigned/required.
SKILLS AND BACKGROUND
  • Minimum of 5-7 years of relevant experience in consumer finance environment.
  • 3-5 years of privacy experience.
  • Certifications such as CIPP, CIPM, CIPT, CISA, CRISC strongly preferred & highly desirable or willingness to obtain relevant certification within 1 year of employment would be ideal.
  • Strong understanding of U.S. privacy and security regulations.
  • Experience with privacy and security frameworks such as GAPP, ISO 27000, NIST-SP, COBIT and SSAE18, etc.
  • Understanding of “role-based access” and “segregation of duties” protocols.
  • Strong business acumen with the ability to assess risk across a wide range of operational processes.
  • Experience supporting/interpreting 3rd party risk assessments and privacy compliance activities.
  • Strong experience with privacy-related contract review and vendor management processes.
  • Ability to work independently with minimal direction.
  • Strong written and oral communication skills.
  • Strong Microsoft Office skills.
  • Experience with Incident Response and Business Continuity Planning / Disaster Recovery Planning.

Vacancy expired!

Subscribe Report job