Red Ventures is both a marketing company and a technology company. We are expanding nationally and globally. We operate in a myriad of industries, each with unique compliance and legal needs.
With an environment that presents unique and changing challenges, it’s with excitement that we begin our search for a talented, multi-faceted Privacy Analyst who will ensure that we remain in adherence to global privacy regulations, legal standards, and in-house policies as it pertains to data privacy.
In terms of Privacy Compliance and Privacy Program Management, the Privacy Analyst shall, at the direction of the CISO/CPO and Director of Privacy, perform the ongoing activities related to the development, implementation and maintenance of the organization's privacy program in accordance with applicable laws, regulations and contractual obligations.
- Builds and/or executes a strategic and comprehensive privacy program that defines, develops, maintains and implements policies and processes that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality, integrity and availability of sensitive and/or protected information assets, paper and/or electronic, across all media types. Ensures privacy forms, policies, processes, standards, and procedures are up-to-date.
- Collaborate with other members of the information security and privacy team to ensure alignment between security and privacy compliance programs including policies, practices, investigations, and acts as a liaison to the organization’s technical and business stakeholders.
- Works with organization senior management, security, and legal counterparts to establish governance for the privacy program.
- Serves in a leadership role for privacy compliance in their area of accountability and across the organization.
- Develops and delivers initial and ongoing privacy training to the workforce.
- Initiates, facilitates and promotes activities to foster information privacy awareness within the organization.
- Performs or oversees initial and periodic privacy risk and impact assessment/analysis, mitigation and remediation.
- Conducts related ongoing compliance monitoring activities in coordination with the organization's other compliance and operational assessment functions.
- Takes a lead role to ensure the organization has and maintains appropriate privacy and confidentiality consents, authorization forms and information notices and materials reflecting current organization and legal practices and requirements.
- Participates in the development, implementation, and ongoing compliance monitoring of all data controllers, processors, business associates and associated legal agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed.
- Works cooperatively with applicable organization units in overseeing data subject rights and facilitation of data subject and/or legal requests, when appropriate.
- Establishes and administers a process for investigating and acting on privacy and security complaints
- Establishes, in collaboration with information security, an ongoing process to track, investigate and report inappropriate access and disclosure of sensitive and/or protected. Monitor patterns of inappropriate collection, access and disclosure of sensitive and/or protected information.
- Performs required breach risk assessment, documentation, and mitigation. Works with key stakeholders (e.g., HR, Legal, senior management, etc.) to ensure consistent application of sanctions for privacy violations
- Manages all required breach determination, response, notification and remediation processes, in accordance with applicable laws, regulation and/or contractual obligations and requirements.
- Maintains current knowledge of applicable privacy and security compliance laws, regulations and accreditation standards.
- Works with RV administration, legal counsel, information security and other related parties to represent the organization's information privacy interests with external parties (e.g., government bodies) who undertake to adopt or amend privacy legislation, regulation, or standard.
- Serves as information privacy resource to the organization regarding release of information and to internal/external groups or entities for all privacy related issues.
DESIRED QUALIFICATIONS, SKILLS AND EXPERIENCE
- Bachelor’s degree in a relevant field.
- Knowledge and experience in information privacy and security laws and practices
- Demonstrated organization, facilitation, written and oral communication, and presentation skills.
- Recommended privacy certification such as Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified Information Privacy Technologist (CIPT), Certified Information Security Systems Professional (CISSP), etc.
- Experience with privacy management tooling a plus.
- Demonstrated skills in collaboration, teamwork, and problem-solving to achieve goals
- Demonstrated skills in verbal communication and listening
- Demonstrated skills in providing excellent service to customers
- A high level of integrity and trust
- Extensive familiarity with US and global privacy relevant legislation and standards
- Digital Marketing/Digital Advertising industry experience a plus
About Red Ventures:
Red Ventures is a multi-billion-dollar portfolio of digital companies that specialize in bringing consumers and brands together. Through bespoke technology, integrated digital commerce and sales, distinguished partnerships, data science and original content from the company’s proprietary brands and marketplaces, Red Ventures provides better end-to-end consumer experiences throughout the buying cycle. Headquartered in the Charlotte metro area, Red Ventures has more than 3,600 employees globally in offices across the US, UK and Brazil.