Privacy Professional II
Job Id: REQ-0005507
The Data Privacy team plays a key role to help define and operationalize privacy globally. This includes engaging with multiple stakeholders across the enterprise to help ensure compliant outcomes. We are responsible for consulting with key stakeholders to promote understanding of global privacy regulatory requirements, including GDPR and CCPA.
As a Privacy Professional II, reporting to the Manager, Privacy, you will work on the execution of Riot's global privacy obligations relying on your subject matter expertise, and your project management, analytical, and relationship building skills to develop and deploy strategies for data protection. The 'daily' aspect of this role will be to help oversee how data is collected, shared, stored, and transmitted at Riot. You will review internal Riot systems and products for compliance with global privacy obligations. As part of this you will provide guidance for upcoming products and roadmaps, work with product leaders on acceptable business risk when applicable, and track remediation actions. You will perform privacy impact assessments, data protection impact assessments, and other risk assessments to help keep our registers of processing activities up-to-date.
Responsibilities:
- Perform privacy reviews and data protection impact assessments, and verify/improve data attestations and records of processing activities
- Monitor known and new risks, measure internal control effectiveness, and develop action items to fix identified risk issues
- Socialize and secure commitment for remediation and risk management strategies
- Create project plans to achieve the defined deliverables
- Consult on the development of requirements for new system implementations and enhancements
- Draft written narratives to communicate obligations, risk analyses, and recommendations
- Inventory risk and compliance obligations in a governance, risk, and compliance (GRC) system framework
- Respond to questions and troubleshoot issues
- Manage other privacy risk and compliance related projects as needs arise
Required Qualifications:
- 3+ years of experience in a privacy, compliance, or data protection role
- Experience with privacy regulations including GDPR and CCPA
Desired Qualifications:
- Certification or education in privacy or data protection
- Experience working in a global, large-scale, complex, and fast-paced environment
- Experience with large amounts of data and in developing audit reports, metrics, and reporting mechanisms
- Experience defining technical requirements and specifications, writing policy, and adapting requirements to technical and business needs
- Experience with modern data processing environments, service oriented architectures, cloud computing technologies, and related security and privacy standards
- Familiarity with the OneTrust privacy management solution
For this role, you'll find success through craft expertise, a collaborative spirit, and choices that focus on your fellow Rioters, who are the customers of your work. Being a dedicated fan of games is not necessary for this position!