Sr IT Privacy / Security Analyst

Location: West Pittsburgh, PA

Job Type: Contract

In this role, the candidate will collaborate with technology and business personnel in the areas of privacy, data classification, data mapping, risk assessment, and other GRC functions as required.  The candidate must be able to reliably achieve program objectives, address uncertainty, and act with integrity.   The candidate will need to maintain an understanding of privacy compliance requirements (both current and emerging), frameworks, and controls and how they affect the company environment.  The candidate will identify areas of privacy risk and provide support in the form of data identification, mapping, classification, and inventorying.  The candidate will assist in management of overall privacy compliance efforts through policy updates, management of internal/external requests,  and performance of risk assessments/privacy impact assessments.  The candidate should possess technical competency to identify application and platform components that impact privacy compliance and recommend/monitor technical controls to protect data.  The candidate will work with Legal, Compliance, Security, and other internal stakeholders to create and manage a holistic privacy compliance program, including privacy by design.


  • Support the implementation of our information privacy strategy and tactics which includes various projects and programs central to privacy function throughout the organization
  • Lead requirements gathering sessions, document business needs, prioritize requested functionality and validate requirements against strategic goals and project objectives; convey requirements to business and achieve sign-off on key decisions
  • Partner and foster collaboration with business, marketing, legal, information technology, compliance and other internal teams throughout projects
  • Conduct privacy impact/risk assessments and identify appropriate processes and controls
  • Create and maintain process and data mapping information
  • Maintain policy and procedures
  • Support internal and external privacy requests
  • Support other governance, risk, and compliance functions as required

Education & Experience:

  • Bachelor’s Degree in Management Information Systems, Business, Cybersecurity, Information Assurance or equivalent experience
  • 5 – 7 Years
  • Privacy frameworks and best practices, policy development, working knowledge of data protection controls, security frameworks , risk assessment, security/privacy awareness training
  • Professional License and/or Specialized Training: CIPP/US, CIPT, CRISC
  • Microsoft Outlook
  • Microsoft Word
  • Microsoft Excel
  • Microsoft PowerPoint
  • Microsoft Visio
  • Excellent written & Verbal Communication Skills
  • Execution skills
  • Customer-service oriented
  • Strong interpersonal & client consultation skills
  • Ability to work effectively in a team environment
  • Self-motivated & results oriented
  • In-depth analytical skills
  • Strong detail orientation
  • Problem solving & troubleshooting capabilities
  • Process & procedure oriented
  • Privacy frameworks (CCPA, COPAA)
  • Risk frameworks (COSO, NIST, COBIT, ISO 27001, FAIR)