Cyber Security Analyst

Monitor and respond to alerts from key security technologies and other internal sources.

Tunes alerts processing rules maintenance jobs etc. to minimize false positives and noise while ensuring relevant security information is captured and highlighted.

Develop and implement new relevant detections within company SIEM.

Research emerging threats evaluating likelihood of occurrence and recommend controls to mitigate them.

Communicates ongoing investigations clearly and timely;

Create and update incident response playbooks and other security operations documentation as needed.

Interface with technical personnel and other teams as required.

Prepare and publish incident reports.

Track relevant KRIs and KPIs to measure program effectiveness.

Requirements

Experience

At least 1 year of overall privacy related experience: compliance operations engineering GRC and others.

Bachelors degree desirable in information technology Information Security or relevant field.

Advanced degree may be helpful but not required.

An IAPP certification is a plus (CIPP/US CIPP/EU CIPM CIPT etc.)

Qualifications

Understanding of global privacy regulations such as UK and EUs GDPR Canadas

PIPEDA Chinas PIPL US laws such as CCPA and HIPAA; and other global privacyregulations

Experience operationalizing some or all of the obligations described in the regulations mentioned above.

Basic knowledge of Records of Processing Activities (GDPR Article 30) requirements.

Experience using privacy tools/solutions: e.g. TrustArc OneTrust ServiceNow etc.

Experience in either developing or executing Privacy Impact Assessments.

Knowledge regarding regulations that mandate online tracking technologies compliance

(a.k.a. cookies) including EU ePrivacy Directive.

Assist in writing and editing policies and procedures that support the various capabilities of a

privacy program: Data Subject Rights ROPAs PIAs Notices Consent language etc.

Ability to manage multiple engagements and competing priorities in a rapidly growing and interactive team environment.

Share your own approaches to help optimize our global Privacy strategy.

A proven track record of success in an environment that demands the need to balance complex issues within limited operational realities.

Strong focus on business partnering and solutioning and ability to operate effectively in a matrix structure.

Experience reviewing legal agreements (e.g. Data Processing Agreements and/or Business Associate Agreements) for clients and/or vendors is plus but not required.

Website developer or engineer background.

Understanding of online tracking technologies (aka cookies) and how they collect data.

Knowledge of GitHub.

Javascript HTML and/or other programming languages used on websites.

Follow directions to conduct website scanning using third party tools to identify cookies (i.e. online tracking technologies).

Follow directions on how to perform website code review to ensure cookies are in compliance within privacy regulations.

Explain to website owners the differences between strictly necessary cookies and other categories of cookies (e.g. analytical functional etc.) and their respective different consent requirements.

Cross-functional experience including HR product engineering product developers international data transfers supply chain manufacturing procurement IT manufacturing third party providers etc.