Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: InfoSec Jobs - SANS Internet Storm Center InfoSec Jobs

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Senior Privacy Analyst
Company GE Aviation
Location Cincinnati, OH or Remote
Preferred GIAC Certifications GISF, GSEC, GCLD, GSNA
Travel 10%
Salary Not provided
URL https://ge.wd5.myworkdayjobs.com/GE_ExternalSite/job/Cincinnati/Senior-Privacy-Analyst_R3620667-1
Contact Name Anonymous
Contact Email donotemail/at/sans.edu
Expires 2022-08-18

Job Description

The Senior Data Privacy Analyst will be working alongside key Privacy and Cross-functional business leaders to deliver a robust privacy risk assessment and ensure compliance with the development, implementation, and maintenance of the organization’s regulatory requirements around data privacy. The ideal candidate will be passionate about privacy and interested in building a career in the Data Protection space. The role requires strong analytical skills as well as the ability to participate, track and report on multiple concurrent projects.
Job Description
Roles and Responsibilities

Lead the Data Protection Impact Assessment (DPIA) process, with a focus on the portion of the process that identifies technological measures to address risks to the rights and freedoms of data subjects, including safeguards, security measures, and mechanisms to ensure the protection of personal data.

Collaborate with software developers, system and network engineers, and application and database administrators to review their designs and implementations and verify that they support the privacy requirements of the business, processes and procedures and implement necessary and appropriate data protection (information security) safeguards.

Develop KRI and KPI tracking methodologies to ensure continual growth and improvement of the company’s data privacy maturity and capabilities

Participate and help lead an information audit (data inventory and dataflow analysis) to identify the personal data held by the company, and the design and implementation of processes and procedures to keep the inventory and dataflow records current.

Lead Transfer Impact Assessments, Data Subject Request response and Breach Notification process

Provide privacy risk evaluation to leadership

Identify internal requirements and support the evaluation of compliance for Global or Regional (i.e. LGPD, PIPL)

Maintain current knowledge of applicable state, federal, and international privacy and data protection laws and regulations.

Develop and support Privacy related policy, standards and guidelines

Contribute to the development and delivery of initial and ongoing training on technology-related privacy topics to IT personnel.

Participate in Privacy reviews of customer and Third Party services

Participate in cross business security and privacy initiatives and maintain relationships as appropriate

Education Qualification

Bachelor’s degree from accredited university or college with minimum of 4 years of professional experience OR Associates degree with minimum of 7 years of professional experience OR High School Diploma with minimum of 9 years of professional experience



Minimum 3 years of professional experience in Privacy, Compliance, Information Technology, OR Digital Technology

Note: Military experience is equivalent to professional experience

Eligibility Requirement:

-Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.

Desired Characteristics / Technical Expertise:

Working knowledge of data protection laws and practices (including GDPR, LGPD, PIPL) that aligns with data processing operations and level of data protection required for the personal data processed by data controllers and data processors.

Strong technical understanding of encryption, pseudonymization, anonymization, and tokenization algorithms, technologies, and methods.

Prior employment in a privacy- or information security-related role with experience in risk assessment, control selection, and control implementation.

Demonstrated ability to use superior judgment and discretion in dealing with sensitive and confidential information.

Self-directed and detail-oriented, with excellent problem-solving skills and a record of solving complex problems.

Ability to see a project through from start to finish, including planning, analysis, design, testing, and implementation.

Experience working with audit and assessment frameworks

Good written and oral communication skills, including the ability to explain complex technical issues to non-technical individuals.

Knowledge of cloud platforms (Amazon AWS, Microsoft Azure) and the capabilities of their specific products and services a plus.

IAPP CIPM/CIPT, ISC2 CISSP, and/or ISACA CISA certifications

Business Acumen:
• Expert in breaking down problems and estimate time for development tasks.
• Proven track record of successfully managing and executing on short term and long term projects and the ability to establish rapport with various roles (executive management to deeply technical).
• Proactively identifies and removes obstacles or barriers on behalf of the customer
Leadership:
• Demonstrates clarity of thinking to work through limited information and vague problem definitions Influences through others; builds direct and "behind the scenes" support for ideas
• Shares knowledge, power, and credit, establishing trust, credibility, and goodwill
• Strong collaboration skills/experience working in a team environment.
• Excellent communications skills
Personal Attributes:
• Analytical and problem solving skills.
• Strong ability to prioritize and execute with minimal direction or oversight.
• Exceptional critical thinking, writing, and presentation skills that properly qualify assessments with concise, relevant, and accurate communications


This Job Description is intended to provide a high level guide to the role. However, it is not intended to amend or otherwise restrict/expand the duties required from each individual employee as set out in their respective employment contract and/or as otherwise agreed between an employee and their manager.

Additional Information
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

As a federal government contractor, GE may in the future be required to have U.S. employees fully vaccinated against COVID-19. Some GE customers currently have vaccination mandates that may apply to GE employees.

Relocation Assistance Provided: No