Privacy & Data Security Analyst

About The Position

Requirements

• Bachelor’s degree required.
• 3–5 years of experience in privacy, compliance, governance/risk support, InfoSec/GRC coordination, or a similar operational role.
• Experience managing structured workflows (intake, triage, documentation tracking, and closure) across multiple stakeholders.
• Strong organizational, documentation, and follow-through skills; able to manage multiple parallel requests and deliverables across stakeholders.
• Clear, concise written communication, including summaries, decision logs, and audit/client-ready documentation.
• Sound judgment with appropriate escalation of risks or uncertainties; high discretion in handling sensitive information.
• Ability to collaborate effectively with business, procurement, security, and compliance teams.
• Proficiency in Microsoft 365 (Outlook, Teams, SharePoint, Excel) and familiarity with task/ticket tracking and evidence management tools.
• Working knowledge of privacy-by-design principles (data minimization, appropriate use, retention, transparency, and sharing constraints).
• Experience supporting vendor onboarding, system/security reviews, procurement/TPRM processes, and data inventories/ROPA-style records.
• Experience with training administration and completion reporting, preferably within professional services or regulated environments.

Nice To Haves

• Privacy and/or Information Security certifications are a plus.

Responsibilities

• Operate the Firm’s privacy intake process, including monitoring mailboxes/queues, acknowledging requests, gathering required context, and routing to appropriate reviewers.
• Track requests through completion with clear ownership, timelines, and closure documentation.
• Maintain organized records of requests, decisions, approvals, and supporting evidence for audit and client readiness.
• Escalate novel or high-risk matters to InfoSec and Legal using defined triggers.
• Coordinate workflow artifacts (DSARs, PIAs, DPIAs, TIAs), ensuring inputs, documentation, approvals, and follow-ups are completed.
• Support privacy-by-design within Security-by-Design reviews by gathering key inputs (data categories, purpose, retention, sharing, access).
• Prepare decision-ready summaries outlining processing context, risk considerations, and required approvals.
• Promote repeatable standards and playbooks to improve consistency and efficiency.
• Coordinate privacy components of vendor onboarding and system changes, emphasizing data minimization, appropriate use, retention, and sharing constraints.
• Partner with Procurement and business stakeholders to gather inputs and document outcomes.
• Maintain review artifacts and track remediation actions to closure.
• Route matters to Legal for review/approval when required.
• Conduct structured data inventory activities using standardized templates.
• Maintain accurate, defensible processing records as systems, vendors, and processes evolve.
• Coordinate documentation and evidence for privacy assessments (including DPIAs).
• Support audits and client inquiries by organizing and presenting privacy documentation.
• Coordinate updates to privacy notices and disclosures, including stakeholder input, version control, and Legal review.
• Maintain repositories of approved language, rationale, and change history.
• Support maintenance of internal privacy guidance (FAQs, templates, standards).
• Coordinate privacy-related inputs for the InfoSec training program (topics, audiences, review requirements).
• Track training completion and coverage metrics; prepare summary reporting for leadership.
• Coordinate Legal review of training content as needed.
• Support documentation and routing of privacy-related incidents in coordination with InfoSec.
• Ensure appropriate escalation, tracking, and record retention.
• Maintain incident documentation for audit and regulatory readiness.

Benefits

• MoFo offers a comprehensive benefits package starting on your first day.
• A variety of options for medical, dental, vision, life and disability coverage to meet the needs of you and your family.
• Industry-leading parental leave and family benefits including adoption and fertility treatment options and backup child and elder care.
• Global wellness program, including free access to Talkspace and Calm apps.
• Annual community service day to make an impact on your community and a birthday holiday just for fun.
• Education reimbursement annually.
• Dedicated Talent Development team.
• Competitive annual profit-sharing contribution.