Data Privacy Analyst

Description :

Business Initiative / Purpose : (Goal, Business Impact, Accomplishments from the work)

Assess third party engagements for privacy risk.

Bachelor Degree : (Required, Preferred or Not Required)

Preferred but Not Required.

Role Responsibilities : (what they will be doing)

• Perform risk assessments to ensure that third party vendors have adequate controls in place to protect Client's consumer's personal data or mitigate risk as required.
• Partner with Third Party Risk Management, Supply Chain Adherence Advisors, and Business Units to execute third party privacy risk review processes and mitigating controls to ensure we effectively manage privacy risks related to third party services.
• Attend Inherent Risk Assessment calls to represent Privacy. Ask questions of service manager to ensure privacy risks (sharing of personal data) are properly identified and risk assessed
• Perform Privacy Impact Assessments by reviewing KYP DDA questionnaires and artifacts provided by suppliers to validate controls are in place and determine if privacy risks are properly addressed or mitigated.
• Partner with Governance Partners to successfully escalate items that are not in compliance with policies and procedures to determine best approach for risk mitigation.
• Monitoring ECRS Privacy Third Party Review team mailbox and providing responses as needed to submissions.
• Updating ECRS tracker as needed for comp.

Must Have Skills / Prior Experiences : (Vendor should not submit any candidate that does not have these skills / prior experience.)

Required Qualifications :

• Experience as a business analyst or related role / Experience, with Experience in one or more of the following areas : Project Management, business Process Management, Relationship Management, business Operations, Quality.
• Experience working with third party vendors or managing third party relationships.
• Experience in conducting analysis and due diligence to determine level of risk.
• Ability to recommend mitigating controls to change programs or third-party relationships.
• Aid in the creation of metrics to monitor the success and sustainability of the recommendations made.
• Aid in creating and monitoring reports to communicate to executives and partners risk levels.
• Collaborate with multiple levels and Line of business subject matter experts to ensure recommendation are best practices and compliant with regulatory and policy requirements.
• Aid in the creation of metrics to monitor the success and sustainability of the recommendations made.
• Applies knowledge of best practices derived from Experience and external networking to solve a range of complex technical and operational problems.
• Application Experience : Microsoft (Outlook, Excel, etc. ), Teams, SharePoint.
• Strong communication skills (both speaking and writing).
• Attention to detail.
• Thoroughness.
• Timeliness.
• Self-motivated / Initiative.

Plus / Nice to Have Skills / Prior Experiences : (Hiring Manager DOES NOT require these skills / prior experience. However candidates with any of these will be looked at first.)

Desired Qualifications :

• Knowledge and understanding of privacy regulations and / or privacy legislation (, GLBA, CCPA, CPRA, TCPA, etc.).
• Archer application experience.
• Managing Mailbox and handling communication responses across the organization.
• Sharepoint Site.

EEO :