Privacy Analyst - Privacy Risk Management

Kalles Group Logo

Kalles Group

💵 $100k-$125k
📍Remote - United States

Summary

Join Kalles Group as a Privacy Analyst and play a critical role in the IT Information Security and Compliance team. You will focus on privacy risk management and regulatory compliance across multiple frameworks, including California Privacy Law, HIPAA, GDPR, and international PII regulations. Ensure high-quality assessments, foster a strong PIA process, and collaborate with stakeholders to meet compliance and privacy goals. Support client privacy initiatives, including the mobile app, requiring expertise in enterprise-wide platforms and technical problem-solving. This role involves up to 40 hours/week and C2C is an option. Kalles Group offers a supportive team environment and work/life balance.

Requirements

Bachelor’s degree in Information Technology, Business Administration, or a related field

Responsibilities

  • Support with Privacy Impact Assessments (PIAs) to identify and document personal information (PI) use justifications
  • Collaborate with key stakeholders and business owners to update or create new PIAs
  • Organize and facilitate meetings with business units to guide them through the PIA process
  • Follow up with additional Points of Contact to ensure understanding of business processes and PIAs
  • Update PIA documentation, including descriptions of initiatives, PI data flows, data subject categories, data collection and use cases, internal and external sharing, storage and retention periods, and cross-border transfers
  • Review assessments for completeness and accuracy, providing risk rankings based on findings
  • Identify additional processes required post-PIA completion, such as DPAs, DPIAs, ROPAs, or DSR mappings
  • Follow PIA processes as outlined in Standard Operating Procedures (SOPs)
  • Update existing SOPs to reflect changes in the PIA process
  • Draft new SOPs for the PIA process
  • Assist with building out the Confluence site to document processes and resources
  • Help identify key business stakeholders for ongoing collaboration
  • Ensure alignment with organizational compliance requirements and industry best practices
  • Drive innovation and influence the delivery and performance of privacy risk management initiatives
  • Partner with legal, compliance, and business stakeholders to meet security, privacy, and risk objectives

Preferred Qualifications

  • Experience in privacy risk management, regulatory compliance, or related fields
  • Hands-on experience with privacy regulations and frameworks, including California Privacy Law, HIPAA, GDPR, and PII management (domestic and international)
  • Proven expertise in conducting Privacy Impact Assessments (PIAs)
  • Strong understanding of data flows, privacy justifications, and risk-ranking methodologies
  • Experience developing and updating SOPs and maintaining Confluence or similar documentation tools
  • Ability to collaborate effectively with cross-functional teams and key stakeholders
  • Exceptional problem-solving, communication, and analytical skills
  • Certified Information Privacy Professional (CIPP)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • GDPR certification or other relevant data protection certification

Benefits

  • The salary for this role is $100-125K/year
  • Work/life balance – we know there’s more to life than work! We encourage our team to pursue other passions, get outside, and spend time with family. We work with clients and consultants to set expectations for a manageable workload
  • Opportunities to connect in person and remotely with a passionate, supportive team
  • This role can be remote

Remote

Cybersecurity

Mid-level

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.