Data Privacy Analyst - Compliance
Riot Games was founded in 2006 by Brandon Beck and Marc Merrill with the intent to change the way video games are made and supported for players. In 2009, Riot released its debut title League of Legends to worldwide acclaim. The game has since gone on to become the most played PC game in the world and a key driver of the explosive growth of esports. Players are the foundation of our community and it’s for them we continue to evolve and improve the League of Legends experience. Riot Games is headquartered in Los Angeles, CA and has 23 offices worldwide. Delivering content to a global audience of millions of players whilst also building new games affords Riot's Engineering discipline with a mountain of exciting and technically complex challenges. That's where you come in.
As Riot continues to deliver and scale content to a global audience of passionate gamers, Riot’s Compliance Discipline is here to make sure Riot respects and protects the privacy of our Players.
As a Data Privacy Analyst, you will work closely with product teams globally to help make sure player experiences are not only awesome but designed with our player’s privacy in mind. You will identify process gaps and risks across the organization for both internal and player focused processes and own projects to address them. Your deep knowledge of global privacy regulations and impact of privacy violations will help you communicate potential issues to Rioters and maintain our player trust.
- Demonstrate knowledge of relevant privacy requirements and standard methodologies, and understand how they apply to Riot
- Interpret privacy requirements and translate them into meaningful action items for Riot teams and projects
- Assess current and planned releases for applications, systems and business processes, and identify privacy issues and risks
- Design solutions for any existing gaps to ensure privacy principles, policies, practices and team and player expectations are met
- Partner with product owners, engineers, and development managers across other disciplines to design and develop privacy requirements and solutions across multiple technologies, platforms, and Rioter and player experiences
- Distill complex issues into clear, easy to understand recommendations
- An organizer for results: you efficiently and effectively keep projects on track by managing the right people, materials, and providing the support needed to get the job done – all at the same time; your well-organized file system facilitates quick action when work situations break bad
- You're outgoing making it easy for you to build genuine, collaborative bonds and relationships with all types, whether Rioter, Player, Partner or otherwise; you put your affability to good use, helping others to understand how Regulatory changes will affect them, their team and our Players.
- Investigate actual or suspected privacy incidents independently and in partnership with other teams
- Conduct audits and assessments on systems to identify and help remediate data security and privacy risks.
- Handle and track privacy requirements throughout development lifecycles
- A Bachelor’s Degree in related field or relevant experience
- 3-5+ years of experience working in a privacy related role with experience in data protection, data policy, privacy risk, compliance and accountability
- Ability to understand large, complex systems in a dynamic environment
- Good written and oral communications
- High level of personal integrity and confidentiality
- Ability to understand and work with teams to craft data flows and system diagrams
Additionally Desired Qualifications (Beneficial):
- IAPP certification (CIPM, CIPT, CIPP/US, CIPP/E, or other IAPP credentials)
- Information security certifications (CISSP, CISA, CISM, GIAC, or others)
- Audit certifications (CIA)
- Prior experience and working knowledge of law and trends affecting US, EU, and global privacy, policy and compliance including but not limited to:
- Payment Card Industry Data Security Standard,
- Online Behavioral Advertising Principles,
- State Data Breach Notification laws,
- State Data Protection Laws,
- Attorney General and Federal Trade Commission privacy guidance and enforcement actions, GLBA, HIPAA, PIPEDA, FCRA/FACTA, CAN SPAM, CASL, CCPA and COPPA
- Engineering and coding experience, specifically in tooling and automation frameworks
It’s our policy to provide equal employment opportunity for all applicants and members of Riot Games, Inc. Riot Games makes reasonable accommodations for handicapped and disabled Rioters and does not unlawfully discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, handicap, veteran status, marital status, criminal history, or any other category protected by applicable federal and state law, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance relating to an applicant's criminal history (LAMC 189.00).