•
Monitor and respond to alerts from key security technologies and other internal sources.

•
Tunes alerts, processing rules, maintenance jobs, etc. to minimize false positives and noise while ensuring relevant security information is captured and highlighted.

•
Develop and implement new relevant detections within company SIEM.

•
Research emerging threats, evaluating likelihood of occurrence, and recommend controls to mitigate them.

•
Communicates ongoing investigations clearly and timely;

•
Create and update incident response playbooks and other security operations documentation as needed.

•
Interface with technical personnel and other teams as required.

•
Prepare and publish incident reports.

•
Track relevant KRIs and KPIs to measure program effectiveness.

Requirements

Experience

•
At least 1 year of overall privacy related experience: compliance, operations, engineering, GRC, and others.

•
Bachelor’s degree desirable in information technology, Information Security, or relevant field.

•
Advanced degree may be helpful but not required.

•
An IAPP certification is a plus (CIPP/US, CIPP/EU, CIPM, CIPT, etc.)

Qualifications

•
Understanding of global privacy regulations, such as UK and EU’s GDPR, Canada’s

PIPEDA, China’s PIPL, US laws such as CCPA and HIPAA; and other global privacyregulations

•
Experience operationalizing some or all of the obligations described in the regulations mentioned above.

•
Basic knowledge of Records of Processing Activities (GDPR Article 30) requirements.

•
Experience using privacy tools/solutions: e.g., TrustArc, OneTrust, ServiceNow, etc.

•
Experience in either developing or executing Privacy Impact Assessments.

•
Knowledge regarding regulations that mandate online tracking technologies compliance

(a.k.a., cookies), including EU ePrivacy Directive.

•
Assist in writing and editing policies and procedures that support the various capabilities of a

privacy program: Data Subject Rights, ROPAs, PIAs, Notices, Consent language, etc.

•
Ability to manage multiple engagements and competing priorities in a rapidly growing and interactive team environment.

•
Share your own approaches to help optimize our global Privacy strategy.

•
A proven track record of success in an environment that demands the need to balance complex issues within limited operational realities.

•
Strong focus on business partnering and solutioning and ability to operate effectively in a matrix structure.

•
Experience reviewing legal agreements (e.g., Data Processing Agreements and/or Business Associate Agreements) for clients and/or vendors is plus, but not required.

•
Website developer or engineer background.

•
Understanding of online tracking technologies (aka cookies) and how they collect data.

•
Knowledge of GitHub.

•
Javascript, HTML, and/or other programming languages used on websites.

•
Follow directions to conduct website scanning using third party tools to identify cookies (i.e., online tracking technologies).

•
Follow directions on how to perform website code review to ensure cookies are in compliance within privacy regulations.

•
Explain to website owners the differences between strictly necessary cookies and other categories of cookies (e.g., analytical, functional, etc.), and their respective different consent requirements.

•
Cross-functional experience including HR, product engineering, product developers, international data transfers, supply chain, manufacturing, procurement, IT, manufacturing, third party providers, etc.