Privacy Associate

About The Position

Requirements

• 3-4 years' experience in one or more of the various privacy disciplines (e.g., policy, compliance, privacy, information security, operational risk management). Privacy experience is a must.
• Knowledge and understanding of U.S. (e.g., CCPA/CPRA) and European privacy (e.g., GDPR) and data protection laws and regulations. Knowledge of global data privacy laws (e.g., PIPL, PIEPDA) and HIPAA are a plus but not required.
• Strong written and verbal communication skills and the ability to work cross-functionally with other departments.
• Strong critical thinker with the ability to analyze legal issues and make recommendations.
• Self-starter with the ability to work well with business units and manage multiple projects.
• Creative problem solving and analytical skills, and the ability to conduct risk analysis for current and future projects.

Nice To Haves

• IAPP certification (e.g., CIPP/US, CIPP/EU)

Responsibilities

• Draft privacy related policies and procedures, notices, and engage in vendor and data management
• Conduct privacy centric activities such as privacy impact assessments, risk reviews, monitoring of the Privacy program email account, responding to individual rights inquiries
• Escalate any remediation required based on results of compliance tasks
• Maintain organizational data mapping and follow up on legal requirements as a result
• Collaborate with IT and the IS as required to develop and improve the privacy and data security stance of the company
• Support the HR departments for the U.S. and Europe and other locations where the Company does business in all matters related to data processing
• Review data privacy provision in contracts and DPAs
• Consistently monitor and identify privacy and information security related risks based on latest laws and regulations, and work to mitigate those risks
• Review and analyze for privacy risks in product launches and work closely with the Engineering teams in implementing privacy requirements in the design and launch of products
• Work closely with the marketing team in connection with marketing and launch of products
• Serve as a privacy liaison to cross-departmental stakeholders in connection with business activities establishing solutions that integrate privacy requirements with global business priorities
• Oversee and manage all privacy and information security legal compliance tasks
• Write a wide variety of documents including process flow maps, how-to guides, privacy trainings, and instructions in an accurate and succinct manner
• Review current policy and procedure documents for thoroughness, draft and submit improvement recommendations to appropriate approver and/or subject matter expert(s) for review, and edit and submit final documents
• Assist with development of action plans for issues/gaps identified during reviews and work with business stakeholders to determine appropriate remediation and monitoring routines

Benefits

• Annual bonus up to 10% based on Company, department, and individual performance