This position works as part of the Privacy and Risk team responsible for demonstrating to internal stakeholders and external customers compliance with information security and privacy frameworks including GDPR, HIPAA and ISO. The Privacy Analyst will work with teams across the company for the ongoing development, implementation, maintenance and monitoring of the global privacy program. The ideal candidate has prior Privacy experience and is familiar with Software-as-a-Service (SaaS) Products and Services.
The Privacy Analyst will contribute to the privacy management program serving as a subject matter expert regarding privacy principles on projects across the company, maintaining operational privacy procedures and conducting Privacy Impact Assessments. We look for people who pay attention to detail and enjoy finding creative and thoughtful solutions to a variety of privacy challenges in a rapidly evolving field.
- Develop, implement, maintain and monitor the privacy program based on various privacy frameworks, such as ISO 27018 and 27701.
- Collaborate with Legal, IT and other stakeholders to operationalize privacy requirements derived from regulations, published guidance, and leading practices.
- Create and maintain documentation that maps privacy requirements to operations processes enabling stakeholders to maintain compliance with privacy regulations.
- Establish a Privacy by Design (PbD) program to integrate privacy principles into Product, Development and Services Teams to ensure that data use meets established compliance requirements.
- Develop and conduct regular Privacy Impact Assessments (PIA)/Data Protection Impact Assessments (DPIA) of operational processes, identifying, and mitigating privacy risks across the company through effective tools, training and guidance.
- Collaborate with cross-functional teams including HR, Legal, Product, Development, Services, Security and other internal stakeholders for enterprise wide coverage of the privacy function.
- Assist business units to develop corrective action plans for identified privacy compliance risks and track these to completion.
- Manage operational processes and documentation allowing UKG to legally transfer data internationally.
Application Submission Information: