Privacy & Governance Analyst

About The Position

Requirements

• Bachelor’s degree or higher
• 5+ years of experience in privacy, data protection, internal audit, compliance, or related roles in regulated or technology‑enabled environments
• Familiarity with privacy laws and regulations (e.g., CCPA) and their practical application within enterprise systems and digital platforms
• Experience interpreting legal and regulatory requirements and mapping them to business processes, data flows, or technology controls
• Demonstrated ability to work cross‑functionally with business, legal, and technical stakeholders
• Strong analytical skills, with comfort reviewing documentation related to systems, data processing activities, or technical workflows
• Experience supporting governance, risk assessment, or compliance processes tied to data, platforms, or digital products

Nice To Haves

• Bachelor’s or advanced degree specifically in law, information security, data management, compliance, or a closely related field
• Hands‑on experience with privacy management tools supporting PIA, ROPA, vendor risk, or consumer rights workflows
• Familiarity with enterprise technology concepts such as APIs, cloud platforms, data warehouses, analytics, automation, or SaaS vendors
• CIPP certification (or commitment to obtain certification within 6 months)

Responsibilities

• Evaluate new or updated privacy laws and regulations and determine prioritization for documentation, analysis, and inventory based on legal risk, data use complexity, and impact to TMNA digital systems and platforms.
• Assess and triage Privacy Impact Assessment (PIA) submissions, making informed decisions about urgency based on system architecture, data sensitivity, regulatory deadlines, and business risk.
• Identify and escalate technology‑driven privacy risks, including risks arising from data integrations, vendor platforms, automation, analytics, and emerging technologies.
• Validate data accuracy and completeness when reviewing processing activities, understanding upstream and downstream data flows to ensure Records of Processing Activities (ROPA) reflect real‑world system usage.
• Partner with product, IT, and data teams to review system designs and workflows, helping ensure privacy requirements are embedded into business and technology solutions.
• Provide informed feedback on privacy tools and platforms (e.g., PIA, ROPA, consent, or data rights tools), identifying opportunities for optimization, automation, or improved usability.
• Evaluate adequacy of existing privacy controls in light of changing regulations, technology implementations, or operational changes, and recommend enhancements when gaps are identified.
• Translate complex privacy and technology concepts into clear, actionable guidance for non‑technical stakeholders to support compliant decision‑making.

Benefits

• A work environment built on teamwork, flexibility and respect
• Professional growth and development programs to help advance your career, as well as tuition reimbursement
• Team Member Vehicle Purchase Discount
• Toyota Team Member Lease Vehicle Program (if applicable)
• Comprehensive health care and wellness plans for your entire family
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
• Paid holidays and paid time off
• Referral services related to prenatal services, adoption, childcare, schools and more
• Tax Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA)