Cyber Security Analyst

• Monitor and respond to alerts from key security technologies and other internal sources. • Tunes alerts, processing rules, maintenance jobs, etc. to minimize false positives and noise while ensuring relevant security information is captured and highlighted. • Develop and implement new relevant detections within company SIEM. • Research emerging threats, evaluating likelihood of occurrence, and recommend controls to mitigate them. • Communicates ongoing investigations clearly and timely; • Create and update incident response playbooks and other security operations documentation as needed. • Interface with technical personnel and other teams as required. • Prepare and publish incident reports. • Track relevant KRIs and KPIs to measure program effectiveness. Requirements Experience • At least 1 year of overall privacy related experience: compliance, operations, engineering, GRC, and others. Education • Bachelor’s degree desirable in information technology, Information Security, or relevant field. • Advanced degree may be helpful but not required. • An IAPP certification is a plus (CIPP/US, CIPP/EU, CIPM, CIPT, etc.) Qualifications • Understanding of global privacy regulations, such as UK and EU’s GDPR, Canada’s PIPEDA, China’s PIPL, US laws such as CCPA and HIPAA; and other global privacyregulations • Experience assisting or supporting in the creation of a privacy program from the ground up. • Experience operationalizing some or all of the obligations described in the regulations mentioned above. • Basic knowledge of Records of Processing Activities (GDPR Article 30) requirements. • Experience using privacy tools/solutions: e.g., TrustArc, OneTrust, ServiceNow, etc. • Experience in either developing or executing Privacy Impact Assessments. • Knowledge regarding regulations that mandate online tracking technologies compliance (a.k.a., cookies), including EU ePrivacy Directive. • Assist in writing and editing policies and procedures that support the various capabilities of a privacy program: Data Subject Rights, ROPAs, PIAs, Notices, Consent language, etc. • Ability to manage multiple engagements and competing priorities in a rapidly growing and interactive team environment. • Share your own approaches to help optimize our global Privacy strategy. • A proven track record of success in an environment that demands the need to balance complex issues within limited operational realities. • Strong focus on business partnering and solutioning and ability to operate effectively in a matrix structure. • Experience reviewing legal agreements (e.g., Data Processing Agreements and/or Business Associate Agreements) for clients and/or vendors is plus, but not required. Skills, Specialized Knowledge (Desired): • Website developer or engineer background. • Understanding of online tracking technologies (aka cookies) and how they collect data. • Knowledge of GitHub. • Javascript, HTML, and/or other programming languages used on websites. • Follow directions to conduct website scanning using third party tools to identify cookies (i.e., online tracking technologies). • Follow directions on how to perform website code review to ensure cookies are in compliance within privacy regulations. • Explain to website owners the differences between strictly necessary cookies and other categories of cookies (e.g., analytical, functional, etc.), and their respective different consent requirements. • Cross-functional experience including HR, product engineering, product developers, international data transfers, supply chain, manufacturing, procurement, IT, manufacturing, third party providers, etc.