Data Privacy Analyst

The Analyst supports a wide range of privacy compliance and governance activities. This includes reviewing privacy assessments, supporting incident and breach management, maintaining key privacy records, monitoring regulatory developments, and contributing to ongoing enhancements in the privacy program. The position reports to the Privacy Manager for the region and involves regular interaction with business units, control partners, and stakeholders across multiple jurisdictions.

• Review and provide challenge on Privacy Impact Assessments, Legitimate Interest Assessments, Transfer Impact Assessments, and Third-Party Control Assessments.
• Support management of data privacy incidents and breaches, including investigation, coordination, documentation, and follow-up actions.
• Assist with data subject rights requests in accordance with GDPR and regional privacy laws.
• Oversee annual reviews of Records of Processing Activities (ROPA) and support associated attestation processes.
• Maintain privacy issues logs and tracking documentation relevant to regional compliance activities.
• Support maintenance of privacy-related risk assessments, metrics, dashboards, and reporting tools to assess the effectiveness of the privacy program.
• Monitor changes to privacy legislation and regulatory expectations across the region and support implementation activities.
• Assist in developing and updating privacy policies, procedures, notices, and guidance materials.
• Support delivery of privacy training and awareness initiatives.
• Participate in monitoring and testing activities relevant to privacy controls and compliance.
• Escalate risks and issues in line with governance protocols.
• Contribute to privacy aspects of corporate transactions, including due diligence, integration planning, and policy harmonisation.
• Collaborate with other members of the global privacy function to share knowledge, enhance processes, and support program development.
• Maintain ongoing professional development related to privacy legislation, regulatory expectations, and best practices.

Background in one or more of the following:

• Privacy and Data Protection
• Compliance
• Legal
• Risk Management
• Internal Audit
• Information Technology Other

• Strong ability to manage timelines, deliverables, and multiple workstreams independently.
• Excellent verbal and written communication skills, including the ability to work with stakeholders across different countries and disciplines.
• Analytical mindset with strong problem-solving capabilities and close attention to detail.
• Ability to build trusted stakeholder relationships, influence effectively, and communicate complex privacy concepts clearly.
• Proficiency with Microsoft Office (Word, Excel, PowerPoint).