Senior Privacy Risk Analyst

$92,700 - $154,500/Yr

Sorenson - Salt Lake City, UT

posted 5 months ago

Full-time - Senior
Salt Lake City, UT
Professional, Scientific, and Technical Services

About the position

The Senior Privacy Analyst (SPA) will assist the Head of Privacy in managing the operation of a privacy team for a rapidly growing multinational corporation. The SPA will work closely with the Legal Department and key stakeholders to support the development and implementation of Sorenson's data privacy program. This includes supporting the development of strategies, policies, and procedures related to the protection of data throughout its lifecycle. The SPA will design and consult on the implementation of privacy controls, perform testing and audits of privacy requirements, and manage remediation efforts across the enterprise. The SPA will work with stakeholders to define the privacy requirements for external organizations with whom Sorenson has a business need to share information; will facilitate compliance with identified requirements to control risk; will represent the privacy program to internal and external stakeholders; and will support the development and implementation of privacy training and awareness programs. The role will conduct internal testing to measure compliance with HIPAA, GDPR, CCPA, ISO, NIST, and other regulations and frameworks. This position will report to the Head of Privacy.

Responsibilities

  • Use automated tools for implementation of privacy compliance
  • Develop and report regular program metrics
  • Develop guidance data privacy risk assessment process
  • Summarize privacy risks, categorize potential concerns
  • Create privacy policies consistent with current and emerging laws
  • Organize, train and assist Privacy Liaisons pursuant to Privacy Liaison Program
  • Assist in development of core strategies for Data Privacy Program
  • Act as lead in maintenance, development and implementation of Sorenson's privacy program and the resulting privacy policies, procedures and documentation
  • Research privacy regulatory issues
  • Perform privacy risk assessments and audits
  • Perform and lead the performance of Privacy Impact Assessments (PIA) and Data Protection Impact Assessments (DPIAs)
  • Monitor continuous privacy team adherence to the privacy program's requirements
  • Develop internal controls to support and enforce the Privacy program
  • Capture and analyze information to identify key risks and corresponding controls
  • Systematically test and evaluate controls to verify efficiency and effectiveness of operation, reliability of information and compliance with applicable laws and regulations
  • Communicate findings and recommendations to management
  • Follow-up and implement corrective actions
  • Deliver training to other members of the company on policies and procedures
  • Work with Compliance Department, IT, and department managers to support annual external industry standard security and privacy audits conducted by external audit firms
  • Consult on company projects to ensure that privacy risks are being addressed
  • Other duties as assigned

Requirements

  • Bachelor's Degree in related field
  • 5 to 7 years of experience in privacy program management
  • Experience with Privacy / GRC tools for information gathering and reporting
  • Knowledge of government and/or industry regulatory requirements (GDPR, CCPA, HIPAA, etc.)
  • Basic understanding of systems development life cycle methodologies required

Nice-to-haves

  • One or more of the following Certifications is preferred but not required: Certified Privacy Professional, CRISC, Certified Information Systems Auditor, Certified Information Privacy Management (CIPM)

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service