Privacy & Compliance Analyst


Overview


Use your privacy, information security, and compliance expertise in this exciting opportunity to help drive the privacy program! In this role, you will focus on data privacy and partnerships between legal, enterprise information security, and technology teams. In return, you will enjoy amazing benefits and be part of exciting growth within the corporate security team.
You will work closely with InfoSec compliance management, as well as other members of the compliance, legal, and client assessment team, to support regulatory, internal, and client and vendor assessment. You will also have extensive opportunities to collaborate with employees across additional functional areas, including operations, training, and procurement. This position supports industry compliance with the NIST Privacy Framework, SOC 2 Type 1 and Type 2, ISO 27001, CMMC, HIPAA, and PCI DSS.
Being successful in this position requires communication and relationship-building with compliance teams and external auditors, superior analytical and organizational skills, attention to detail, as well as confidence, discretion, good professional judgment, and personal initiative.

Responsibilities


  • Assist in all aspects of information security associated with privacy compliance, privacy and security assessments and external audits (i.e. assessment and assessment questionnaires, written response to assessment report and/or findings)
  • Facilitate communication between the business, technology and compliance areas related to privacy and security concerns, standards and governing policies and procedures
  • Work with data warehouse and other data storage teams to align efforts in the areas of privacy compliance, security controls, and data governance
  • Perform privacy and security risk assessment activities for third-party service providers and vendors and internally developed solutions (PIA, DPIA, Article 30, TIA)
  • Assist in selection, assessment, documentation, reporting and clear articulation of NIST privacy controls
  • Identify, track, and communicate privacy risks while following established standards and work processes
  • Track exceptions and risks to privacy policies, standards, controls, and configuration requirements for reporting to management, auditors and clients
  • Assist in policy/procedure development and ongoing updates required under the collection agency industry regulations and standards
  • Successfully set priorities, perform tasks in an orderly fashion, and meet deadlines
  • Stay informed of pending industry changes, trends, and best practices and assess the potential impact of these changes on organizational information security policies, procedures, and processes

Requirements


  • 4-6 years of experience working within a data privacy program, privacy policy, security compliance, information governance, or program management
  • Familiarity with global and domestic privacy laws and associated frameworks (GDPR, CCPA/CPRA, and/or other governance privacy regulatory requirements)
  • Knowledge of information security and computer network access technologies
  • Knowledge of OneTrust Platform to support Privacy Impact Assessments (PIA) and DPIA as part of the Privacy Program Management process
  • Knowledge of data protection and integrity, operating systems and network security, authentication, and security protocols
  • Strong interpersonal and communication skills to work effectively with IT, legal and business units
  • Experience with vendor risk management including GRC processes and tools
  • Strong ability to understand and solve data challenges with experience in information governance, data protection, and privacy compliance
  • Experience working with security programs including risk assessments and forensic research, designing security architectures, and developing policies
  • Bachelor’s Degree in information management, information security, law, computer science or related disciplines with equivalent relevant work experience

Recommended Qualifications


  • IAPP Certification (CIPP, CIPM or CIPT) or CISA highly desired
  • Ability and willingness to obtain a security clearance

About Esri


Our passion for improving quality of life through geography is at the heart of everything we do. Esri’s geographic information system (GIS) technology inspires and enables governments, universities, and businesses worldwide to save money, lives, and our environment through a deeper understanding of the changing world around them.

Carefully managed growth and zero debt give Esri stability that is uncommon in today's volatile business world. Privately held, we offer exceptional benefits, competitive salaries, 401(k) and profit-sharing programs, opportunities for personal and professional growth, and much more.

Esri is an equal opportunity employer (EOE) and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.

If you need a reasonable accommodation for any part of the employment process, please email askcareers@esri.com and let us know the nature of your request and your contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.
