Risk and Compliance Analyst - US Based Remote

Information security and Data Privacy are at the core of Anywhere and your work efforts will help identify, protect, and govern sensitive data for our business areas as well as internal and external customers. The Data Privacy and Compliance Analyst is responsible for assessing applications, policies/procedures, and business operations to ensure the organization meets privacy requirements and government regulations for the protection of sensitive information. Our Privacy and Compliance Analysts manage data, regulatory and operational risks related to sensitive and critical information assets, continuously monitor business processes, and the use of applications/databases to meet or exceed privacy and security requirements.

What you will be doing:

• Works with business partners across the company to ensure compliance with privacy laws, regulations and provide guidance.
• Analyze and determine the applicability of Global and state privacy laws, regulations and guidance and proactively address identified gaps.
• Managing the data privacy inventory of data/applications/suppliers/business processes ensuring accuracy and completeness is being achieved.
• Interpret regulations and identify ways to measure controls in place to ensure compliance.
• Provide our internal customers with guidance on understanding regulatory standards and how they impact our business’ organization and its affiliates/customers.
• Lead and participate in enterprise level projects, program self-assessments/audits.
• Support implementation of new automation and tools to better streamline the programs. Includes working with Data Privacy leaders to address identified enhancements to policies, procedures, and processes.
• Develop, maintain, and report on KRIs, KPIs and other risk identifiers designed to highlight privacy risks/risk trends.
• Help drive a Data Privacy culture & Awareness across the company. This includes participating in industry forums/meetings and bringing lessons learned back to the team.

Qualifications And Education Requirements:

• Experience with Third-Party Risk Management (TPRM) from either the vetting of vendors or from the vendor response perspective.
• Experience with managing and supporting various-sized projects.
• Bachelor’s degree in business, Risk Management, or other related field, or 5 + years of relevant experience.
• Experience leading or supporting an audit or audit related project (Operational, IT, SOX) having appreciation of what the auditor would look for.
• Professional certifications in Data Privacy, IT/IS, Risk Management or a willingness to obtain, such as CIPP/US, CISA preferred.

Preferred Skills:

• Excellent Communication (Oral & Written)
• Excellent attention to detail
• Strong analytical skills
• Excellent Problem Solver
• Ability to work as an independent contributor and as part of a team.
• Strong Project Management experience
• Experience with GRC tooling, DP platforms and a high proficiency with MS products
• Familiar with GDPR, NY DFS, CPRA, PCI DSS and other data privacy regulations.

Reports to: Global Data Privacy Senior Manager

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Legal

Industries: IT Services and IT Consulting

EEO Statement: EOE including disability/veteran