Consultant - Privacy Analyst -Privacy Risk Management

ABOUT KALLES GROUP:

Everyone deserves to be secure. Our mission at Kalles Group is to help secure the future for companies of all shapes and sizes.

While our expertise spans multiple disciplines our method remains consistent: building trust and relationship with people whether you are a client a consultant orin this casea candidate.

No matter what role you come fromwhether youre an executive or just starting your careeryou can expect our highest level of attention and respect. We want to find the right fit for each role but we also want you to find the right fit for your career.

We believe the best way to show you what our team is like is to treat you like youre already a part of it. We hope youll consider joining our team of experienced professionals who are building their careers at Kalles Groupand having fun while doing it.

WHAT YOU WILL DO:

As a Privacy Analyst you will play a critical role on the IT Information Security and Compliance team focusing on privacy risk management and regulatory compliance across multiple frameworks including California Privacy Law HIPAA GDPR and international PII regulations. You will ensure the delivery of highquality assessments foster a strong PIA (Privacy Impact Assessment) process and collaborate closely with business stakeholders to meet organizational compliance and privacy goals. This role involves supporting client privacy initiatives including the mobile app and requires expertise in enterprisewide platforms technical problemsolving and adherence to company best practices.

We anticipate this role being up to 40 hours/week. We are open to C2C.

You will:

Privacy Impact Assessments (PIA):

• Support with Privacy Impact Assessments (PIAs) to identify and document personal information (PI) use justifications.
• Collaborate with key stakeholders and business owners to update or create new PIAs.
• Organize and facilitate meetings with business units to guide them through the PIA process.
• Follow up with additional Points of Contact to ensure understanding of business processes and PIAs.
• Update PIA documentation including descriptions of initiatives PI data flows data subject categories data collection and use cases internal and external sharing storage and retention periods and crossborder transfers.
• Review assessments for completeness and accuracy providing risk rankings based on findings.
• Identify additional processes required postPIA completion such as DPAs DPIAs ROPAs or DSR mappings.
• Follow PIA processes as outlined in Standard Operating Procedures (SOPs).
• Update existing SOPs to reflect changes in the PIA process.
• Draft new SOPs for the PIA process.
• Assist with building out the Confluence site to document processes and resources.
• Help identify key business stakeholders for ongoing collaboration.

General Privacy and Risk Management:

• Ensure alignment with organizational compliance requirements and industry best practices.
• Drive innovation and influence the delivery and performance of privacy risk management initiatives.
• Partner with legal compliance and business stakeholders to meet security privacy and risk objectives.

ABOUT YOU:

• Your values:
  • Integrity: You believe in doing the right thing even when its uncomfortable seemingly inefficient or costly.
  • Purposefulness: You have a desire to serve others with your skillset and an openness to continuous learning and growth.
  • Ownership: You stick to your commitments follow up with action and seek clarity in communication & expectations.

Preferred experience:

• Experience in privacy risk management regulatory compliance or related fields.
• Handson experience with privacy regulations and frameworks including California Privacy Law HIPAA GDPR and PII management (domestic and international).
• Proven expertise in conducting Privacy Impact Assessments (PIAs).
• Strong understanding of data flows privacy justifications and riskranking methodologies.
• Experience developing and updating SOPs and maintaining Confluence or similar documentation tools.
• Ability to collaborate effectively with crossfunctional teams and key stakeholders.
• Exceptional problemsolving communication and analytical skills.
• Bachelors degree in Information Technology Business Administration or a related field.

Preferred certifications:

• Certified Information Privacy Professional (CIPP).
• Certified Information Systems Auditor (CISA).
• Certified Information Security Manager (CISM).
• GDPR certification or other relevant data protection certification.

WHAT WE OFFER:

• The salary for this role is $100125K/year
• Work/life balance we know theres more to life than work! We encourage our team to pursue other passions get outside and spend time with family. We work with clients and consultants to set expectations for a manageable workload.
• Opportunities to connect in person and remotely with a passionate supportive team.

LOCATION:

This role can be remote.

HOW TO APPLY:

Please fill out the form below (including uploading your most recent resume) and well be in touch! We know imposter syndrome can be a barrier to many great applicants. We hope youll still consider applying. Thats why weve made the application process as short and simple as possible.

Even if youre not a fit for the role you can expect to hear back from us! We want you to have the best experience as a candidate so please feel free to share feedback at any stage of the process to .

Kalles Group is an equalopportunity employer and does not discriminate on the basis of creed nationality race ethnicity disability gender or other protected class.