Role: Cyber Security Architect L1/L2 Location: Remote Role
Proactively identify and evaluate implementation of privacy initiatives through monitoring and testing. The role will undertake data protection & privacy impact assessments for relevant projects and with various functions and advise on mitigations to identified privacy risks.
Work with operations and functional teams to ensure data protection and privacy initiatives are understood and implemented
Pro-actively analyze existing operations policies, processes, systems, controls, and training material to assess areas for improvement in respect of data protection and make recommendations for change
Work with legal team to identify regulatory requirements across jurisdictions related to privacy and data protection
Work with legal and other teams to translate regulatory requirements to process improvements and initiatives and drive through completion
Develop and support frameworks for monitoring and reporting ongoing compliance with regulation and standards
Support internal privacy and compliance audits
Review privacy impact assessments completed by the businesses
Manage day-to-day privacy issues, such as data security incident responses, data protection agreement consultation, privacy complaints and resolution, subject access requests, management of Regulatory notifications and International Data Transfers.
Research and analysis on developments in privacy law
Support in assessing and implementing privacy and/or data protection enhancements and automation tools and providers
Undertake privacy and/or data protection implementation and transformation projects and guide clients on their privacy compliance journey
Key stakeholder in the development and ongoing management of privacy program across geographies, including the Governance Framework, Policy set, compliance risks, compliance roadmap, training, retention, audit and reporting requirements.
Remain up to date with the requirements of legislation and conduct necessary gap analysis processes to identify and help build remedial work programs and highlight ongoing program risks.
Qualification and Experience Required
Work experience: 6 to 10 years
Experience in specific industry verticals is preferred and a thorough understanding of privacy and data protection specific compliance requirements within those verticals.
Experience in implementing and designing PKI, DLP, data masking tool such as MSPKI, Symantec, Forcepoint, McAfee, EDO etc.
Experience into Solutioning data security RFPs.
Understanding and knowledge of industry standards and industry frameworks (e.g., AICPA/GAPP, PCI, OECD, FIPP, APEC Privacy Framework Etc)
Understanding of security and privacy laws and regulations both US and Global (e.g., GDPR, MCCs, BCRs, HIPAA, GLBA, PCI, CCPA, CPRA).
Experience in performing data privacy risk assessments/privacy impact assessments (PIAs).
Experience in developing data protection and privacy strategies and roadmaps.
Experience in planning and implementation of data protection and privacy controls.
Experience in developing data protection and privacy policies, standards, and procedures.
Experience on Privacy Enhancement and Automation tools such as OneTrust, BigID
Experience in creating data privacy notice and consent forms, third party/vendor contracts.
Excellent documentation and communication skills.
Preferred
Experience on operating and implementing Privacy Enhancement and Automation tools such as OneTrust, BigID
Professional certifications related to GDPR, Privacy (e.g., CIPP) or others such as CISA / ISO27001 LA etc are preferable
CIPP/CISSP
Functional and nonfunctional privacy requirements definition and documentation experience.
implementation experience atleast any of two - DLP, PKI, Encryption, Data masking, database security, certificate management
DLP and PKI and Encryption and Data masking and database and security
Seniority level
Mid-Senior level
Employment type
Contract
Job function
Other
Industries
Information Technology & Services
Referrals increase your chances of interviewing at Futran Solutions by 2x