Security Engineer

Key Responsibilities:

• Information Risk Management (IRM): Work closely with compliance team to conduct comprehensive risk assessments to identify and mitigate data privacy risks. Develop and implement risk management strategies to ensure the protection of personal data.
• Privacy Impact Assessments (PIA): Lead the execution of Privacy Impact Assessments to evaluate the privacy implications of new projects, systems, and processes. Provide recommendations to mitigate identified risks.
• OneTrust Implementation: Utilize OneTrust to manage data privacy compliance activities, including data mapping, consent management, and incident response. Ensure the effective use of OneTrust to streamline privacy operations.
• Compliance and Regulatory Requirements: Stay up-to-date with data privacy laws and regulations, including GDPR, CCPA, and other relevant legislation. Ensure the organization s data privacy practices are compliant with these regulations.
• Policy Development: Develop and maintain data privacy policies, procedures, and guidelines. Ensure that these policies are effectively communicated and enforced across the organization.
• Training and Awareness: Conduct training sessions and workshops to raise awareness about data privacy best practices and regulatory requirements among employees.
• Third-Party Risk Management: Assess and manage data privacy risks associated with third-party vendors and partners. Ensure that appropriate data protection agreements are in place.
• Incident Response: work closely with legal and compliance and coordinate with relevant stakeholders to investigate incidents, mitigate risks, and implement corrective actions.
• Documentation and Reporting: Maintain detailed records of data privacy activities, including risk assessments, PIAs, and incident reports. Prepare regular reports for senior management on the status of data privacy compliance.

Qualifications:

• Bachelor s degree in Information Security, Law, Business Administration, or a related field.
• Minimum of 5 years of experience in data privacy, information security, or a related field.
• Extensive experience with OneTrust for managing data privacy compliance activities.
• In-depth knowledge of data privacy regulations, including GDPR, CCPA, and other relevant laws.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Relevant certifications such as CIPP, CIPM, or CIPT are highly desirable.

Preferred Skills:

• Experience in conducting Privacy Impact Assessments (PIA) and Information Risk Management (IRM).
• Familiarity with data privacy frameworks and best practices.
• Strong project management skills.
• Ability to manage multiple tasks and projects simultaneously.