• Candidate should have CIPP/E certificate and one of these CIPM, or CIPT, or CIPP/US)
• Looking for LLB (bachelor in law or higher) or a Juris Doctor (JD)
• Candidate should be from IAAP (International Association of Privacy Professionals)

Privacy Analyst (Engineering Focus) - Job Requirements

Summary:

We are seeking a highly motivated and skilled Privacy Analyst with an engineering mindset to assist our Cloud Privacy team. This individual will play a critical role in assessing the privacy implications of new and existing cloud technologies, products, and services. They will work closely with engineering teams to integrate privacy considerations throughout the software development lifecycle and champion responsible data practices.

Key Duties and Responsibilities:

• Analyze privacy risks and compliance requirements associated with new cloud technologies, products, and services.
• Conduct data flow assessments of cloud-based systems and identify potential privacy impacts on individuals.
• Develop clear and concise privacy impact assessments (PIAs) for cloud projects and advise on mitigation strategies.
• Review data collection practices, data usage policies, and privacy notices for cloud offerings for accuracy and compliance.
• Collaborate with cloud engineering teams to design and implement privacy-enhancing technologies and features.
• Guide cloud engineering teams on best practices for data minimization, anonymization, and encryption techniques in the cloud.
• Stay abreast of evolving privacy regulations and legislation, including GDPR, CCPA, and others, as they apply to cloud environments.
• Assist with incident response and data breach investigations in the cloud as needed.
• Communicate effectively with stakeholders across various departments to promote cloud privacy awareness and compliance.
• Develop and maintain documentation on cloud-specific privacy policies, procedures, and controls.
• Continuously develop and enhance knowledge of privacy best practices and emerging technologies in the cloud landscape.

Qualifications:

• Bachelor's degree in Computer Science, Engineering, Law, or a related field.
• Minimum of 2 years of experience in a privacy or data protection role, preferably with a focus on cloud technologies.
• Strong understanding of privacy principles, frameworks, and regulations (GDPR, CCPA, etc.) in the context of cloud services.
• Knowledge of data security principles and threat modeling techniques, particularly as applied to cloud environments.
• Familiarity with privacy-enhancing technologies (PETs) and their implementation within cloud infrastructure.
• Experience conducting data flow assessments, privacy impact assessments (PIAs), and risk mitigation strategies for cloud projects.
• Excellent analytical and problem-solving skills with a detail-oriented approach to cloud privacy issues.
• Ability to communicate complex technical information about cloud systems and data clearly and concisely to both technical and non-technical audiences.
• Strong interpersonal skills and ability to collaborate effectively with cross-functional teams involved in cloud development and operations.
• Self-motivated and proactive with a strong work ethic and ability to learn quickly in the dynamic cloud environment.
• Ability to prioritize tasks effectively and manage multiple projects simultaneously within the cloud environment.
• Strong written and verbal communication skills, with the ability to create clear and concise documentation related to cloud privacy practices.

Preferred Skills:

• Experience working with Agile development methodologies for cloud projects.
• Experience working with cloud-based technologies (e.g., AWS, Google Cloud Platform, Azure) and their specific privacy functionalities.
• Familiarity with privacy-enhancing technologies (PETs) such as differential privacy, homomorphic encryption, and secure multi-party computation in the context of cloud services.
• Programming skills in Python, Java, or other relevant languages commonly used in cloud development.
• Certifications in privacy frameworks such as CIPP/E, CIPM, or others, with a focus on cloud technologies.