413 Privacy Analyst jobs in the United States

**#WeAreParamount on a mission to unleash the power of content you in?**
Weve got the brands, weve got the stars, and weve got thepowerto achieve our mission to entertain the planet now all were missing isYOU!Becoming a part of Paramount means joining a team that values authenticity and embraces inclusion for all. We are searching for individuals who not only recognize the power of content but also enjoy a touch of fun and uniqueness. Together, we co-create moments that matter both for our audiences and our employees. You fuel our culture of purpose, passion, and collaboration. Were in this together.
**Overview and Responsibilities:**
The Privacy Analyst is responsible for assisting with the operational day-to-day management and implementation of the Paramount Privacy Program. Youll be part of a team responsible for a wide range of cross-functional privacy and data protection projects. Youll be working in close collaboration with teams throughout the company and will help us to build and support scalable tools and processes to keep the data of the people that use our services safe.
**Responsibilities Include:**
Coordinate and collaborate with business and product development teams on the implementation, management and support of the Paramounts Privacy Program.
Work on projects related to ongoing compliance with data protection and privacy laws, advertising industries and related requirements.
Assist with responding to privacy-related inquiries.
Utilize technical expertise to perform privacy audits on Paramount properties to meet the principles of Privacy by Design.
Contribute to the teams effort to monitor data privacy laws and regulations.
Prepare and maintain documentation related to privacy compliance.
Assist with the development of awareness and training materials for organizational education.
**Basic Qualifications:**
3+ years of demonstrated related experience in a fast-paced legal, media, or security environment with strong knowledge of the software development lifecycle.
Excellent communication skills with the ability to foster relationships and collaborate with internal teams.
Highly organized, detail-oriented and good at multitasking.
**Additional Qualifications:**
Familiarity with current data privacy laws.
Knowledge of the online advertising ecosystem including programmatic technologies and platforms.
Knowledge of data related initiatives such as ingestion, report and dashboard creation, analytics and site tracking implementation
Experience with privacy vendors such as OneTrust, etc.
An IAPP CIPP certification.
Paramount Global (NASDAQ: PARA, PARAA) is a leading global media and entertainment company that creates premium content and experiences for audiences worldwide. Driven by iconic studios, networks and streaming services, Paramount's portfolio of consumer brands includes CBS, Showtime Networks, Paramount Pictures, Nickelodeon, MTV, Comedy Central, BET, Paramount+, Pluto TV and Simon & Schuster, among others. Paramount delivers the largest share of the U.S. television audience and boasts one of the industry's most important and extensive libraries of TV and film titles. In addition to offering innovative streaming services and digital video products, the company provides powerful capabilities in production, distribution and advertising solutions.
ADDITIONAL INFORMATION
Hiring Salary Range: $90,000.00 - 95,000.00.
The hiring salary range for this position applies to New York City, California, Colorado, Washington state, and most other geographies. Starting pay for the successful applicant depends on a variety of job-related factors, including but not limited to geographic location, market demands, experience, training, and education. The benefits available for this position include medical, dental, vision, 401(k) plan, life insurance coverage, disability benefits, tuition assistance program and PTO or, if applicable, as otherwise dictated by the appropriate Collective Bargaining Agreement.
**What We Offer:**
+ Attractive compensation and comprehensive benefits packages. Check out our full list of benefits here: Generous paid time off.
+ An exciting and fulfilling opportunity to be part of one of Paramounts most dynamic teams.
+ Opportunities for both on-site and virtual engagement events.
+ Unique opportunities to make meaningful connections and build a vibrant community, both inside and outside the workplace.
+ Explore life at Paramount: is an equal opportunity employer (EOE) including disability/vet.
At Paramount, the spirit of inclusion feeds into everything that we do, on-screen and off. From the programming and movies we create to employee benefits/programs and social impact outreach initiatives, we believe that opportunity, access, resources and rewards should be available to and for the benefit of all. Paramount is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, creed, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, and Veteran status.
If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access as a result of your disability. You can request reasonable accommodations by calling or by sending an email to Only messages left for this purpose will be returned.

**Staples is business to business. You're what binds us together.**
Our talented finance team partners with every area of the business to drive results and provide financial expertise. We are passionate about analyzing and interpreting information to assess performance and provide guidance. Our team serves as a true partner and advisor to all our business leaders; working with them to accelerate the company's profitability and growth.
The Privacy Analyst is responsible for supporting the organization's privacy and data protection initiatives by implementing privacy compliance activities, conducting data privacy impact assessments, monitoring internal controls, and responding to privacy-related incidents and inquiries. This role serves as a key contributor to ensuring that business operations and vendor engagements adhere to applicable data privacy laws and corporate policies. The ideal candidate has a strong understanding of privacy regulations (e.g., CCPA and other state laws), data governance principles, and risk assessment methodologies.
**What you will be doing:**
+ Conduct data impact assessments (PIAs) and data protection impact assessments (DPIAs) for business processes and systems.
+ Monitor compliance with privacy and internal data protection policies.
+ Support the development, review, and implementation of privacy policies, procedures, and training programs.
+ Investigate and document privacy incidents and support incident response efforts, including breach notification processes when necessary.
+ Track and document data processing activities (RoPA), including partnering closely with third-party vendor risk teams.
+ Collaborate with legal, IT, security, compliance, and business units to assess privacy risks and recommend mitigating controls.
+ Maintain and update data subject request (DSR) response processes, ensuring timely completion of access, deletion, and correction requests.
+ Participate in audits and support documentation efforts for privacy-related certifications and regulatory inquiries.
+ Assist with monitoring, tracking, and reporting privacy metrics and KPIs.
+ Identify opportunities for process improvement and assist in automation or optimization of privacy related workflows.
**What You Bring to the Table:**
+ Strong analytical and problem-solving skills.
+ Strong organizational and documentation skills.
+ Excellent written and verbal communication skills.
+ Attention to detail with a high degree of accuracy and quality.
+ Ability to prioritize and manage multiple projects in a fast-paced environment.
+ Collaborative mindset and ability to build trust across departments.
+ Proactive and adaptable to regulatory and organizational changes.
**What's needed: Basic Qualifications:**
+ 2+ years of progressively complex experience in privacy, compliance, legal, risk management, or a related area.
+ Working knowledge of GDPR, CCPA/CPRA, and other relevant privacy laws and frameworks.
+ IAPP certification: CIPP/US, CIPP/E, CIPM, or CIPT.
+ Experience with OneTrust or TrustArc, or similar privacy management platforms
+ Proficiency in Microsoft Office Suite.
**Preferred Qualifications:**
+ Bachelor's Degree in Business, Information Systems, Law, or related field or equivalent work experience
+ Familiarity with data governance, information security, or cybersecurity frameworks (e.g., NIST, ISO 27001).
+ Experience working in highly regulated industries (healthcare, financial services, e-commerce).
+ Prior involvement in regulatory audits or legal discovery processes.
**We Offer:**
+ Inclusive culture with associate-led Business Resource Groups
+ Flexible PTO (22 days) and Holiday Schedule (7 observed paid holidays)
+ Online and Retail Discounts, Company Match 401(k), Physical and Mental Health Wellness programs, and more!
Staples is an Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender idenity, sexual orientation, age, national origin, protected veteran status, disability, or any other basis protected by federal, state, or local law.
For individuals with disabilities that need additional assistance at any point in the process, please call 1- for more information.

Koniag Data Solutions (KDS), a Koniag Government Services (KGS) company, is seeking a Cybersecurity Privacy Analyst to support our privacy program and ensure compliance with federal regulations, standards, and best practices. This role will work closely with the Assistant Privacy Officer to maintain privacy documentation, analyze compliance gaps, and implement privacy controls across the organization. The ideal candidate will have strong analytical skills, experience with privacy regulations, and the ability to collaborate across teams to ensure the protection of personally identifiable information (PII) and controlled unclassified information (CUI). This position offers a competitive compensation package, comprehensive benefits, and opportunities for professional growth.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
**Essential Functions, Responsibilities & Duties may include, but are not limited to:**
The Cybersecurity Privacy Analyst will be responsible for maintaining and enhancing the organization's privacy program. Principal responsibilities include:
+ Review and update privacy documentation as required including but not limited to Privacy Impact Assessments (PIA), Privacy Threshold Assessments (PTA), System of Records Notices (SORNs), and Security Impact Assessments (SIA) in support of the Assistant Privacy Officer
+ Perform analysis of current privacy posture to determine compliance gaps with federal and departmental requirements, regulations, laws, standards, and best practices
+ Review and update privacy policies and procedures as requested; maintain an inventory of policies and procedures needed to support the Privacy Program
+ Analyze, document, and maintain agreements to share data for all appropriate information systems
+ Assist with developing the Privacy Information Map (PIM) that identifies PII and CUI processed or stored in IT applications and databases to ensure such holdings are accurate, relevant, timely, and complete
+ Implement a process to review for Privacy Information in all applications to validate that database data flow diagrams, schemas, and design documents are up to date
+ Review and maintain PII incident handling procedures and assist in investigating PII incidents
+ Maintain agency-wide Data Protection Policy
+ Review and update Privacy Baseline Requirements for all information systems that include program and project level privacy controls
+ Review and analyze Artificial Intelligence use cases to identify privacy risks
+ Provide privacy-related training to employees on data protection policies and best practices
**_Requirements:_**
+ Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Law, or related field
+ 3+ years of experience in privacy, cybersecurity, or compliance roles
+ Experience with federal privacy regulations, including the Privacy Act, FISMA, and related NIST standards
+ Knowledge of privacy impact assessment processes and privacy control implementations
+ Experience with documentation review and policy development
+ In-depth knowledge of privacy laws, regulations, and frameworks applicable to federal agencies
+ Experience with privacy documentation including PIAs, PTAs, SIAs, and SORNs
+ Strong analytical skills with the ability to identify compliance gaps and recommend remediation actions
+ Proficiency in evaluating systems and applications for privacy risks and implementing appropriate controls
+ Experience in data mapping and data flow documentation
+ Knowledge of incident response procedures related to PII breaches
+ Excellent written and verbal communication skills
+ Ability to translate complex technical and regulatory requirements into actionable policies and procedures
+ Experience providing privacy awareness training to diverse audiences
+ Strong attention to detail and organizational skills
+ Ability to work independently and prioritize tasks effectively
**Desired Skills and Competencies:**
+ Professional certifications such as CIPP/G, CIPM, CISSP, or equivalent
+ Experience working in federal government agencies
+ Knowledge of the NIST Privacy Framework and NIST SP 800-53 privacy controls
+ Experience with the Federal Risk and Authorization Management Program (FedRAMP)
+ Knowledge of artificial intelligence and machine learning privacy implications
+ Experience with privacy automation tools or governance, risk, and compliance (GRC) platforms
+ Understanding of cloud security and privacy considerations
+ Experience with privacy-by-design methodologies
+ Knowledge of controlled unclassified information (CUI) handling requirements
+ Experience with data governance and data protection programs
**Our Equal Employment Opportunity Policy**
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at or by calling to request accommodations.
_Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit_ _ _._
**_Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352_**
**Job Details**
**Job Family** **IT, Cyber Security, Network Systems**
**Job Function** **Information Security/Privacy Analyst**
**Pay Type** **Salary**
**Education Level** **Bachelor's Degree**

WE ARE HEALTHCARE SYSTEMS OF AMERICA. Our mission is to elevate healthcare standards, improve patient outcomes, and create value for communities across the United States. Healthcare Systems of America (HSA) is more than a healthcare provider-we're a community built on excellence, innovation, and compassion. If you're looking for a career that makes a difference, empowers you to grow, and gives you the opportunity to impact lives, HSA is where you belong.

Healthcare Systems of America operates 8 community hospitals across 3 states. We service a multitude of patients and their families across our vast network, while remaining committed to the professional development of our staff, the functional improvement of our patients, and the cultivation of strong partnerships within our communities.

WHAT WE OFFER

• Career Growth & Development - We are an essential, stable and growing company with many opportunities for training and advancement within the medical field that all employees and team members can benefit from.
• Supportive & Inclusive Culture - We foster an environment where every team member is valued, heard, and empowered to succeed.
• Meaningful Work - Every day, you'll contribute to patient care, cutting-edge medical solutions, and life-changing treatment and technologies.

POSITION SUMMARY

The GRC and Privacy Analyst supports the organization's Governance, Risk, and Compliance (GRC) initiatives, as well as privacy and data protection functions. The role is responsible for assisting with policy management, risk assessments, audit readiness, and privacy compliance programs including HIPAA, HITECH, and other applicable federal and state regulations within the healthcare industry.

PRIMARY RESPONSIBILITIES

Governance, Risk & Compliance (GRC)

• Support implementation and maintenance of GRC frameworks and processes.
• Assist in developing and updating internal policies, standards, and controls.
• Track compliance metrics and prepare GRC reports for leadership.
• Support regulatory and third-party audits by coordinating documentation and responses.

Privacy & Data Protection

• Assist with managing privacy policies and procedures in alignment with HIPAA and HITECH.
• Conduct Privacy Impact Assessments (PIAs) and assist with Data Protection Impact Assessments (DPIAs).
• Help monitor privacy risks and maintain logs of incidents, investigations, and breach reports.
• Contribute to staff training initiatives on data privacy and protection policies.

Risk Assessments & Vendor Management

• Assist in conducting third-party risk assessments and maintaining a vendor compliance tracker.
• Document risk mitigation strategies and coordinate with internal stakeholders on remediation efforts.
• Maintain inventory of data flows and systems storing protected health information (PHI).

Audit Readiness & Monitoring

• Maintain audit documentation and evidence in support of GRC and privacy compliance efforts.
• Track audit findings and support follow-up activities and closure of remediation items.
• Help monitor emerging privacy laws and changes in regulatory requirements.

EXPERIENCE/EDUCATION REQUIREMENTS

• Bachelor's degree in information security, Health Information Management, or a related field.
• 2+ years of experience in GRC, compliance, or privacy roles within a healthcare environment.
• Familiarity with HIPAA, HITECH, and data privacy laws and regulations.
• Excellent analytical, documentation, and communication skills.
• Proficiency in Microsoft Excel, Word, and compliance management platforms.

Preferred Qualifications

• Professional certifications such as CIPP/US, CHPC, or GRCP.
• Experience with GRC tools such as FortifyData, OneTrust, Archer, or ServiceNow.
• Understanding of hospital workflows and protected health information (PHI) lifecycle.

**Our Opportunity:**
Chewy is looking for a Corporate Compliance and Privacy Analyst to join our Legal Team based in Plantation, Florida! This position is an exciting opportunity for the successful candidate to join a fast-paced, technology-first dynamic department supporting all aspects of the organization with respect to a broad spectrum of compliance and privacy issues and any other topics needed by the business. As the Compliance and Privacy Analyst you will work cross-functionally with our partners in Procurement, Internal Audit, Human Resources, and Information Technology. This position will report to the Corporate Counsel - Compliance & Privacy and will use their compliance, privacy, and technology skills to contribute to the operations of the business.
**What You'll Do:**
+ Conduct initial and ongoing assessments of third-party vendors, focusing on compliance, security, privacy, and operational risk
+ Maintain accurate records of vendor risk assessments and prepare reports for management and relevant stakeholders.
+ Support compliance training and communications program, including creating and providing compliance training to employees and other parties
+ Serve as the Legal Policy administrator to drive policy updates through gathering input to ensure policies meet the needs of the organization
+ Undertake multijurisdictional research projects on various other topics, as may be requested from time to time
+ Assist in the development and improvement of TPRM policies, procedures, and tools.
+ Develop workflows and controls to mature compliance and privacy-related controls with cross-functional teams such as HR, IT-GRC, and Internal Audit
+ Serve as a trusted advisor and partner to colleagues at all levels of the organization
**What You'll Need:**
+ 2+ years of relevant experience in an operational compliance, privacy, and/or TPRM professional position
+ Proficient in Microsoft Office Suite (Word, Excel, PowerPoint, Outlook) and OneDrive; comfortable managing and collaborating on documents in a cloud-based environment
+ Experience using various compliance software tools and platforms, including policy governance, ERM platform, Learning platforms, and supplier due diligence software (AuditBoard, Navex, WorldCheck, One-Trust)
+ Experience with updating organization policies and procedures
+ Demonstrate strong attention to detail and a high level of accuracy in work, with the ability to identify and resolve issues independently
+ Be a team player who can design and lead cross-functional internal projects and initiatives
+ Excellent analytical, problem-solving, and communication skills
+ Display the highest level of judgment, ethical conduct, and integrity
+ Travel Requirement: Up to 10% travel may be required.
**Chewy is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, ancestry, national origin, gender, citizenship, marital status, religion, age, disability, gender identity, results of genetic testing, veteran status, as well as any other legally-protected characteristic. If you have a disability under the Americans with Disabilities Act or similar law, and you need an accommodation during the application process or to perform these job requirements, or if you need a religious accommodation, please contact** ** ** **.**
**To access Chewy's Customer Privacy Policy, please click here ( .**
**To access Chewy's California CPRA Job Applicant Privacy Policy, please click here ( .**

UnitedHealth Group is a health care and well-being company that's dedicated to improving the health outcomes of millions around the world. We are comprised of two distinct and complementary businesses, UnitedHealthcare and Optum, working to build a better health system for all. Here, your contributions matter as they will help transform health care for years to come. Make an impact with a diverse team that shares your passion for helping others. Join us to start **Caring. Connecting. Growing together.**
Bring us your experience, your head for strategy, your strength with relationships and your eye for opportunity. In return we offer an unmatched place to grow and develop your career among a richly diverse group of businesses driven by the power and stability of a leading health care organization.
This is an in-office position. The Privacy Analyst will work at the direction of the Optum Privacy Office Leadership Team and assist with day-to-day management of privacy office affairs. The primary function of the Privacy Analyst is to conduct and manage investigations into reports of privacy and security incidents across multiple lines of business. This position will handle multiple tasks and work streams simultaneously in a fast-paced, highly matrixed corporate environment.
In addition to Optum Privacy investigations, this position will be responsible for printing and mailing responses to HIPAA Individual Rights records requests, which requires travel to the Optum Eden Prairie office approximately two (2) days per week. For these duties, this position will have accountability to the Sr. Associate General Counsel who oversees the Enterprise Privacy Program.
Experience working in a large, complex organization in a legal or regulatory compliance role is desirable. Health care privacy experience preferred, as well as a solid understanding of HIPAA, state privacy, and data security rules and regulations.
**Primary Responsibilities:**
+ Conduct, manage and track a high volume of privacy and security investigations
+ Ensure reporting / notification requirements related to privacy and security investigations are met
+ Provide research and analysis as needed on privacy and data security matters
+ Provide backup to team members for triage of matters and other projects as assigned
+ Collaborate with Optum and UHG privacy segments as well as Information Technology and Information Risk Management areas on enterprise-wide objectives and projects as assigned
+ Print and mail responses to Optum Individual Rights records requests approximately two (2) days per week from the Optum Eden Prairie office
You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.
**Required Qualifications:**
+ 2+ years of experience in health care, legal, compliance, regulatory affairs OR business operations roles, OR IT Data Management/IT Security, non-health care privacy compliance, OR investigations experience in fraud, white collar OR cyber/technology-based crimes
+ Ability to manage a significant and diverse workload with short turnaround times and firm deadlines
+ Excellent verbal and written communication skills
+ Excellent organizational skills
+ Excellent interpersonal and relationship building skills
+ Ability and flexibility to effectively work within a constantly evolving business and regulatory environment
**Preferred Qualifications:**
+ Paralegal certification and/or equivalent experience
+ CIPP/US and/or CIPM certification
+ Experience with federal and state regulatory agencies
Pay is based on several factors including but not limited to local labor markets, education, work experience, certifications, etc. In addition to your salary, we offer benefits such as, a comprehensive benefits package, incentive and recognition programs, equity stock purchase and 401k contribution (all benefits are subject to eligibility requirements). No matter where or when you begin a career with us, you'll find a far-reaching choice of benefits and incentives. The salary for this role will range from $58,800 to $105,000 annually based on full-time employment. We comply with all minimum wage laws as applicable.
_At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._
_UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations._
_UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment._

RELOCATION ASSISTANCE: No relocation assistance available
CLEARANCE TYPE: Top Secret
TRAVEL: Yes, 10% of the Time
**Description**
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.
Northrop Grumman is seeking an experienced **Staff** **Global Privacy Analyst** to join our Insights & Intelligence team within the Chief Information and Digital Office. Insights and Intelligence leads the integrated analytics, AI, data and intelligence strategy for the company and our mission is to reimagine decision making by bridging the gaps between organizations and connecting our business strategy to the right insights, analytics, and data.
As a global privacy analyst, you will report to the Global Privacy Manager and will play a critical role in ensuring policy and regulatory compliance, mitigation of business risk, and responsible handling of personal data. You will champion privacy principles and collaborate seamlessly with stakeholders by decomposing complex privacy concepts for translation and understanding across teams. You will leverage your knowledge of the regulatory environment and critical thinking skills to identify creative and effective solutions.
The primary location for this position is in Falls Church, VA; alternative work locations/arrangements will be considered as well, including working 100% virtual/remote.
Responsibilities include but are not limited to:
+ Support privacy and data governance controls by maintaining data inventories, conducting data mapping, implementing privacy by design, ensuring data minimization, and ensuring data retention requirements.
+ Collaborate with business stakeholders across disciplines (e.g., law, IT, AI and data governance, communications, global supply chain, cybersecurity, etc.) on privacy assessments of products, technologies, and vendors and proactively identify and address potential privacy concerns.
+ Draft Standard Contractual Clauses and review contract language related to personal data to ensure compliance with business standards and global data protection regulations.
+ Investigate and resolve privacy-related inquiries, questions, and/or complaints.
+ Develop, evaluate, and refine privacy policies, procedures, documentation, company guidance, and processes in alignment to the evolving regulatory environment and in pursuit of continuous improvement.
+ Develop and implement initiatives to increase employee awareness and knowledge of key privacy topics including company policies
+ Establish and apply privacy best practices and mentor and train early career privacy professionals.
+ Understand technical terminology to translate between technical and privacy teams on regulatory requirements.
+ Manage team mailboxes to respond to privacy queries.
+ Exhibit personal ownership and accountability for continuous improvement.
+ Identify critical issues with ease. Exhibit confidence and knowledge of privacy best practices with minimal oversight.
+ Mentor and train early career privacy and data professionals.
+ Complete special projects as requested.
**Basic Qualifications:**
+ At least 12 years of experience in any of the following disciplines: Privacy, Data Governance, and/ or Legal with a Bachelors degree, or at least 10 years of experience with Masters degree
+ Demonstrated understanding of global privacy and AI Governance laws, including the GDPR, EU AI Act, CCPA, CPRA, PIPL, NIST 800-171 and other applicable regulations and standards.
+ At least two (2) IAPP certifications or related industry certifications.
+ Demonstrated experience negotiating data protection agreements with external vendors to ensure all applicable data privacy law requirements are met.
+ Demonstrated experience in operationalizing privacy-by-design principles in product development cycles by conducting data protection impact assessments and implementing risk mitigation strategies tailored to business needs.
+ Excellent verbal and written communication skills and proven ability to build relationships and positively influence business decisions related to privacy.
+ Strong technical, analytical, troubleshooting, interpersonal, and problem-solving skills.
+ Proven ability to work independently and within a global virtual team environment, stay organized, and execute work in accordance to tight deadlines.
**Preferred Qualifications:**
+ Juris Doctor and/ or advanced education or experience in privacy, data governance, or information technology.
+ Top Secret Security Clearance is preferred.
+ Experience handling data subject rights request and/or regulatory inquiries
+ Familiarity with user tracking technologies, e.g, cookies, pixels, web beacons, and implementation tools, e.g., Google Tag Manager, GA4, etc.
+ Experience working with ServiceNow, OneTrust, Credo AI, and/or similar software platforms to execute data privacy and AI privacy compliance processes.
+ Experience as a privacy subject matter expert for identifying risks and mitigation strategies for AI use cases and implementing AI Governance policies and procedures.
+ Familiarity with DFARS, NIST SP 800-171, and CMMC 2.0.
Salary Range: $128,500.00 - $212,000.00
The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.
Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.
The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.
Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

RELOCATION ASSISTANCE: No relocation assistance available
CLEARANCE TYPE: Top Secret
TRAVEL: Yes, 10% of the Time
**Description**
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.
Northrop Grumman is seeking an experienced **Staff** **Global Privacy Analyst** to join our Insights & Intelligence team within the Chief Information and Digital Office. Insights and Intelligence leads the integrated analytics, AI, data and intelligence strategy for the company and our mission is to reimagine decision making by bridging the gaps between organizations and connecting our business strategy to the right insights, analytics, and data.
As a global privacy analyst, you will report to the Global Privacy Manager and will play a critical role in ensuring policy and regulatory compliance, mitigation of business risk, and responsible handling of personal data. You will champion privacy principles and collaborate seamlessly with stakeholders by decomposing complex privacy concepts for translation and understanding across teams. You will leverage your knowledge of the regulatory environment and critical thinking skills to identify creative and effective solutions.
The primary location for this position is in Falls Church, VA; alternative work locations/arrangements will be considered as well, including working 100% virtual/remote.
Responsibilities include but are not limited to:
+ Support privacy and data governance controls by maintaining data inventories, conducting data mapping, implementing privacy by design, ensuring data minimization, and ensuring data retention requirements.
+ Collaborate with business stakeholders across disciplines (e.g., law, IT, AI and data governance, communications, global supply chain, cybersecurity, etc.) on privacy assessments of products, technologies, and vendors and proactively identify and address potential privacy concerns.
+ Draft Standard Contractual Clauses and review contract language related to personal data to ensure compliance with business standards and global data protection regulations.
+ Investigate and resolve privacy-related inquiries, questions, and/or complaints.
+ Develop, evaluate, and refine privacy policies, procedures, documentation, company guidance, and processes in alignment to the evolving regulatory environment and in pursuit of continuous improvement.
+ Develop and implement initiatives to increase employee awareness and knowledge of key privacy topics including company policies
+ Establish and apply privacy best practices and mentor and train early career privacy professionals.
+ Understand technical terminology to translate between technical and privacy teams on regulatory requirements.
+ Manage team mailboxes to respond to privacy queries.
+ Exhibit personal ownership and accountability for continuous improvement.
+ Identify critical issues with ease. Exhibit confidence and knowledge of privacy best practices with minimal oversight.
+ Mentor and train early career privacy and data professionals.
+ Complete special projects as requested.
**Basic Qualifications:**
+ At least 12 years of experience in any of the following disciplines: Privacy, Data Governance, and/ or Legal with a Bachelors degree, or at least 10 years of experience with Masters degree
+ Demonstrated understanding of global privacy and AI Governance laws, including the GDPR, EU AI Act, CCPA, CPRA, PIPL, NIST 800-171 and other applicable regulations and standards.
+ At least two (2) IAPP certifications or related industry certifications.
+ Demonstrated experience negotiating data protection agreements with external vendors to ensure all applicable data privacy law requirements are met.
+ Demonstrated experience in operationalizing privacy-by-design principles in product development cycles by conducting data protection impact assessments and implementing risk mitigation strategies tailored to business needs.
+ Excellent verbal and written communication skills and proven ability to build relationships and positively influence business decisions related to privacy.
+ Strong technical, analytical, troubleshooting, interpersonal, and problem-solving skills.
+ Proven ability to work independently and within a global virtual team environment, stay organized, and execute work in accordance to tight deadlines.
**Preferred Qualifications:**
+ Juris Doctor and/ or advanced education or experience in privacy, data governance, or information technology.
+ Top Secret Security Clearance is preferred.
+ Experience handling data subject rights request and/or regulatory inquiries
+ Familiarity with user tracking technologies, e.g, cookies, pixels, web beacons, and implementation tools, e.g., Google Tag Manager, GA4, etc.
+ Experience working with ServiceNow, OneTrust, Credo AI, and/or similar software platforms to execute data privacy and AI privacy compliance processes.
+ Experience as a privacy subject matter expert for identifying risks and mitigation strategies for AI use cases and implementing AI Governance policies and procedures.
+ Familiarity with DFARS, NIST SP 800-171, and CMMC 2.0.
Salary Range: $128,500.00 - $212,000.00
The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.
Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.
The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.
Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

As part of UMB's **Corporate Information Security and Privacy (CISP)** team, the mission is to identify threats, vulnerabilities, and risks and to help protect the people, information, and services within the organization. CISP works closely with all lines of business.
As a **Sr. Privacy Analyst,** you will be responsible for performing essential activities associated with UMB's Privacy Program, as well as contributing to other programs within the Corporate Information Security and Privacy department. Successful fulfillment of job responsibilities will be achieved through a combination of direct ownership of components of the Privacy Program, as well as through managing key business partners' priorities to ensure compliance objectives are met. This is a subset of the overall responsibilities which involves other multiple initiatives as assigned by Corporate Risk leadership.
**This role is hybrid working Tuesday to Thursday on-site in our downtown Kansas City, MO location and remotely Monday and Friday.**
**_How you'll spend your time:_**
+ Provide essential support to UMB's incident response program, including evaluating and advising on privacy ramifications of information security incidents, identifying root causes and contributing to corrective actions and process improvements.
+ Design and/or implement controls and processes that align with the requirements of the Gramm-Leach-Bliley Act ("GLBA"), General Data Protection Regulation ("GDPR"), Healthcare Insurance Portability and Accountability Act ("HIPAA"), U.S. state privacy laws (such as the California Consumer Privacy Act or "CCPA") and the NIST Privacy Framework.
+ Maintain enhanced knowledge of the above privacy laws, regulations and frameworks, as well as laws relating to data breach notification.
+ Regularly monitor, inventory, assess and suggest improvements to data privacy practices across all lines of business.
+ Perform periodic risk assessments to evaluate existing controls and practices for design and performance effectiveness, including identification of areas throughout the organization that are in need of risk assessments.
+ Provide support to other adjacent programs, including records management and information security and privacy external communications.
+ Proactively develop and maintain effective relationships with business partners across the organization.
+ Lead special projects and other duties as assigned.
+ Proactively develop and maintain effective relationships with business partners across Legal, Risk Management, Audit, IT, Operations, and Business Development.
**_We're excited to talk with you if:_**
+ You have a Bachelor's degree from an accredited college or university OR equivalent work experience.
+ You have at least 3 years of experience in Risk Management, Compliance, Audit, Information Technology, Project Management, or similar disciplines.
+ You have the initiative to work towards a relevant certification (i.e. CIPP/US, CIPM, CIPT through the IAPP).
+ You have intermediate knowledge of privacy and/or information security incident response.
+ You have proven demonstrated experience in the field of data privacy including but not limited to knowledge of the privacy laws, regulations, and frameworks.
+ You can independently execute complex tasks with limited manager oversight and guidance.
+ You have successfully made independent, risk-based decisions to escalate to management as needed.
**_Bonus Points If:_**
+ You have prior work experience in third party/vendor management, bank operations, accounting, procurement, legal, internal audit risk or risk related roles.
+ You have general understanding of banking and financial services processes, and the related risks to securing and managing data.
**Applicants must have legal authority to work in the United States. Work Visa sponsorship not available for this position.**
**Compensation Range:**
$69,230.00 - $149,000.00
_The posted compensation range on this listing represents UMB's standard for this role, but the actual compensation may vary by geographic location, experience level, and other job-related factors. In addition, this range does not encompass the full earning potential for this role. Please see the description of benefits included with this job posting for additional information_
UMB offers competitive and varied benefits to eligible associates, such as Paid Time Off; a 401(k) matching program; annual incentive pay; paid holidays; a comprehensive company sponsored benefit plan including medical, dental, vision, and other insurance coverage; health savings, flexible spending, and dependent care accounts; adoption assistance; an employee assistance program; fitness reimbursement; tuition reimbursement; an associate wellbeing program; an associate emergency fund; and various associate banking benefits. Benefit offerings and eligibility requirements vary.
**Are you ready to be part of something more?**
You're more than a means to an end-a way to help us meet the bottom line. UMB isn't comprised of workers, but of people who care about their work, one another, and their community. Expect more than the status quo. At UMB, you can expect more heart. You'll be valued for exactly who you are and encouraged to support causes you care about. Expect more trust. We want you to do the right thing, no matter what. And, expect more opportunities. UMBers are known for having multiple careers here and having their voices heard.
_UMB and its affiliates are committed to inclusion and diversity and provide employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including gender, pregnancy, sexual orientation, and gender identity), national origin, age, disability, military service, veteran status, genetic information, or any other status protected by applicable federal, state, or local law. If you need accommodation for any part of the employment process because of a disability, please send an e-mail to_ _to let us know the nature of your request._
_If you are a California resident, please visit our_ Privacy Notice for California Job Candidates ( _to understand how we collect and use your personal information when you apply for employment with UMB._
**_Who we are_**
We are more than a company. We are advisors, consultants, problem solvers, friends, community members, experts, and we are here to help you make the best of every moment with a financial foundation that can help you succeed.
Learn more about UMB's vision ( out the road to a career at UMB