Data Privacy Specialist

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Systems, Law, or another related discipline.
• 1-3 years of experience in data privacy, ideally working as a Privacy Officer and/or supporting a global Privacy Compliance Program, handling data subject requests, assisting incident response and breach management processes.
• Demonstrable knowledge of data privacy and global data protection regulations and standards (e.g. GDPR, CCPA, PIPL, PIPEDA etc.). Certifications of CIPT, CIPP or the equivalent (completed or in process) are highly preferred.
• Foundational knowledge of data privacy procedures, privacy and security frameworks, data classification, data mapping, data flows, personal data inventory methodologies and compliance tools.
• Strong attention to detail and analytical mindset to assess privacy risks.
• Excellent organization, problem-solving and prioritization skills to develop practical solutions.
• Strong communication skills and the ability to work confidently across teams and at all levels.

Responsibilities

• Coordinate and develop our current Compliance Program and Implementation Plan, focusing on questionnaires and information requested by jurisdictions, governments and school districts globally.
• Review state and country-specific data privacy requirements and outline activities needed to comply with internal data privacy policies, procedures, relevant privacy and data protection regulations and industry best practices.
• Assist internal privacy audits, incident response and breach management processes.
• Partner with internal stakeholders and regulatory authorities to review and update all relevant Privacy Notices, record of processing activities (RoPA) and statements, to ensure adequacy of incident response plan and to handle data breaches or privacy incidents effectively.
• Contribute to implement Data Subject Access Request process automation.
• Support review and completion of Data Privacy Agreements and privacy related assessments.
• Create and maintain an FAQ repository of data privacy and contribute to establish security white papers for questions about each software within Tobii Dynavox.
• Maintain a repository of all Data Processing (DPA) and privacy-related assessments (LIA, TIA, and DPIA) for US, Europe and Asia Pacific regions.
• Collaborate with IT, Engineering and Third-Party Risk Management teams to ensure adequacy of assessment, evaluation and monitoring of third-party vendors to ensure data handling practices, security and contracts comply with privacy and data protection requirements.