Cyber Security Analyst

• Monitor and respond to alerts from key security technologies and other internal sources.

• Tunes alerts, processing rules, maintenance jobs, etc. to minimize false positives and noise while ensuring relevant security information is captured and highlighted.

• Develop and implement new relevant detections within company SIEM.

• Research emerging threats, evaluating likelihood of occurrence, and recommend controls to mitigate them.

• Communicates ongoing investigations clearly and timely;

• Create and update incident response playbooks and other security operations documentation as needed.

• Interface with technical personnel and other teams as required.

• Prepare and publish incident reports.

• Track relevant KRIs and KPIs to measure program effectiveness.

Requirements

Experience

• At least 1 year of overall privacy related experience: compliance, operations, engineering, GRC, and others.

• Bachelor’s degree desirable in information technology, Information Security, or relevant field.

• Advanced degree may be helpful but not required.

• An IAPP certification is a plus (CIPP/US, CIPP/EU, CIPM, CIPT, etc.)

Qualifications

• Understanding of global privacy regulations, such as UK and EU’s GDPR, Canada’s

PIPEDA, China’s PIPL, US laws such as CCPA and HIPAA; and other global privacyregulations

• Experience operationalizing some or all of the obligations described in the regulations mentioned above.

• Basic knowledge of Records of Processing Activities (GDPR Article 30) requirements.

• Experience using privacy tools/solutions: e.g., TrustArc, OneTrust, ServiceNow, etc.

• Experience in either developing or executing Privacy Impact Assessments.

• Knowledge regarding regulations that mandate online tracking technologies compliance

(a.k.a., cookies), including EU ePrivacy Directive.

• Assist in writing and editing policies and procedures that support the various capabilities of a

privacy program: Data Subject Rights, ROPAs, PIAs, Notices, Consent language, etc.

• Ability to manage multiple engagements and competing priorities in a rapidly growing and interactive team environment.

• Share your own approaches to help optimize our global Privacy strategy.

• A proven track record of success in an environment that demands the need to balance complex issues within limited operational realities.

• Strong focus on business partnering and solutioning and ability to operate effectively in a matrix structure.

• Experience reviewing legal agreements (e.g., Data Processing Agreements and/or Business Associate Agreements) for clients and/or vendors is plus, but not required.

• Website developer or engineer background.

• Understanding of online tracking technologies (aka cookies) and how they collect data.

• Knowledge of GitHub.

• Javascript, HTML, and/or other programming languages used on websites.

• Follow directions to conduct website scanning using third party tools to identify cookies (i.e., online tracking technologies).

• Follow directions on how to perform website code review to ensure cookies are in compliance within privacy regulations.

• Explain to website owners the differences between strictly necessary cookies and other categories of cookies (e.g., analytical, functional, etc.), and their respective different consent requirements.

• Cross-functional experience including HR, product engineering, product developers, international data transfers, supply chain, manufacturing, procurement, IT, manufacturing, third party providers, etc.