Data Privacy Analyst, REI, Bellevue, WA


  • Review and assess privacy risks to the Co-op related to member, customer, employee, and other personal data via project-based privacy risk/privacy impact assessments.
  • Develop and maintain appropriate and concise documentation to record privacy risk assessments, findings, and recommendations.
  • Appropriately configure, manage, and maintain a governance, risk, and compliance technology or system of record to track privacy risks in coordination with other internal stakeholders.
  • Update and maintain an accurate data inventory and record of all personal data processing activities.
  • Collaborate and consult with business owners and technologists to identify, develop, implement, and test privacy controls to ensure effective reduction of privacy risks to the Co-op.
  • Stay informed about state, federal, and international privacy laws and regulatory regimes, including trends in enforcement and implementation, translating external requirements into actionable insights for REI’s business.
  • Provide guidance, education, training and information resources to all relevant stakeholders, increasing awareness of privacy and privacy best practices throughout the Co-op.
  • Collaborate effectively with a diverse range of internal partners and stakeholders to further the goals of the privacy program, maintaining a business mindset while furthering the goals of the Privacy Program.
  • Engage and maintain a network of privacy advocates throughout the business who are educated and passionate about integrating privacy and Privacy by Design principles into the Co-op’s business activities.

Bring your passion and expertise

  • Advanced degree or 4+ years post graduate work experience in relevant field.
  • 3+ years work experience in privacy, in-house or regulatory agency strongly preferred.
  • Excellent written and verbal communication skills, including ability to communicate clearly and concisely with a variety of internal audiences.
  • Advanced knowledge of privacy risk management methodologies, including privacy risk or privacy impact assessments, product counseling, or other privacy risk and compliance approaches.
  • Demonstrated interest in privacy and data protection.
  • Current IAPP certification (CIPP/US or CIPT preferred).
  • Thorough understanding of privacy laws, regulations, self-regulatory regimes, and industry best practices, including current and future trends.
  • Working knowledge of relevant privacy industry organizations and resources.
  • Experience with or knowledge of the retail industry.
  • Experience within a digital-forward, innovative environment.
  • Experience reviewing legal language related to privacy in B2B and B2C contexts.
  • Flexible in one's viewpoints and positions in order to support the direction taken by others at REI.
  • Uses business knowledge, innovative thinking, and sound judgment in the solution of problems or the pursuit of business opportunities.
  • Consolidates information from various sources including feedback from others to reach sound decisions.
  • Considers the ultimate impact of decisions and actions on internal and external customers.
  • Works smart by setting effective work goals, establishing priorities, and planning well in order to produce quality work.
  • Executes effectively by using resources efficiently, meeting deadlines, and keeping others informed of work plans and progress toward goals.
  • Clearly conveys and accurately receives information by a variety of methods and in various situations.
  • Builds rapport with all kinds of people inside and outside the organization.
  • Acts upon opportunities and involves and influences others in the accomplishment of worthwhile organizational goals.
  • Challenges the status quo, champions change and influences others to change.


Application Submission Information: