Previous Job
Previous
Enterprise Security Consultant
Ref No.: 18-05424
Location: Plano, Texas
Role: Data Protection and Privacy Analyst
Location: Plano, TX
Duration: 3+ Months

Overview:
  • Client, Inc. is the leading provider of collaborative business commerce solutions. Client combines industry-leading software as a service (SaaS) technology to optimize the complete commerce lifecycle with the world's largest web-based commuity to Client, connect and collaborate with a global network of trading partners and expert capabilities to augment internal resources and skills, delivering everything needed to control costs, minimize risk, improve profits and enhance cash flow and operations – all in a cloud-based environment. Whether you're buying, selling or managing cash, you can do it more efficiently and effectively in the Client® Commerce Cloud. Over 300,000 companies, including more than 80 percent of the Fortune 500, use Client's solutions to drive more efficient inter-enterprise commerce.
  • Security and Privacy are vital components of Client's success as a cloud company. Our customers entrust us with their Confidential Business Transactional Data and some Personally Identifiable Information because of the value that we add by processing that data for them. Client's Trust Office team is responsible for identifying, assessing and managing threats, vulnerabilities, and associated risks to Client's information assets and resources. This includes providing expertise and operating and maintaining various integrated security technologies to protect the integrity, confidentiality and availability of all information resources throughout a highly distributed cloud environment. Success will depend upon building rapport and credibility with multiple stakeholders across Client. As a leader in Cyber Security, this candidate will have opportunities to mentor, support, and contribute to goals and initiatives that ensure the secure usage of technology, industry standards, and best practices. If you want to be a game changer in building confidence in the cloud for our customers, consider joining our team. We are looking for ambitious people who thrive in a dynamic environment, are passionate about security and ready for a challenge.

The Data Protection and Privacy Analyst is accountable for the development and implementation of the GDPR privacy program across the Client products, operations and services, in alignment with the Data Protection and Privacy Office (DPPO) and Legal team. This will involve establishing process and tools for implementing program compliance and helping to ensure Client's compliance with the EU GDPR.
  • Continue and enhance the existing program for data privacy to continually improve compliance.
  • Work closely with Product Management and Engineering on data privacy requirements relating to the design and delivery of products and services and ensure compliance. Implementation of data protection by design and by default in Client products.
  • Perform Data Protection and Privacy assessments for product, service and infrastructure components through interviews and questionnaires to analyze personal data processing.
  • Evaluate technical and operational threats to the rights of customer users, review control design and implementation evidence, analyze the effectiveness of safeguards, identify gaps, assess and quantify risks, ensure transfer to the risk register, risk mitigation and mitigation plans.
  • Establish and maintain KPIs and performance dashboard.
  • Maintain documentation and reporting on Client privacy program.

Requirements:
  • To be successful, the ideal candidate must be passionate about our customers, partners and technology. Success will depend upon building rapport and credibility with multiple stakeholders across Client. As a leader in Privacy, this candidate will have opportunities to mentor, support, and contribute to goals and initiatives that ensure the secure usage of technology, industry standards, and best practices.
  • 5+ years of experience in data protection and privacy compliance and risk management.
  • Understanding of technology use, trends and risks in a business context and environment.
  • Demonstrated experience working with regulatory requirements and standards (PCI-DSS, SOC 2, BSI, GDPR etc.) and frameworks (ISO 27000, COBIT, ITIL, NIST, ISF, OWASP, etc.).
  • Deep understanding of International privacy laws, regulations and best practices.
  • Experience in building and maintaining privacy programs and controls.
  • Must have a strategic mind-set to see the "big picture” and ensure a clear focus on the go forward agenda and the ability to make decisions balancing cost/opportunity and risk.
  • Strong verbal and written communication skills and ability to influence others
  • Must be self-organized, goal/execution oriented
  • Must take immediate responsibility in an ongoing critical program

The ideal candidate will also have the following qualifications and skills:
  • Excellent planning ability and business acumen.
  • Impeccable ethics and judgement.
  • Demonstrated ability to learn quickly, prioritize multiple urgent tasks, and deliver results in a fast-paced environment with extremely tight deadlines.

Education:
  • Bachelor's Degree in MIS, Computer Science, or other related field.
  • At minimum one of the following industry certifications: CIPP, CIPM and/or CIPT