Consultant - Privacy Analyst -Privacy Risk Management

ABOUT KALLES GROUP:

Everyone deserves to be secure. Our mission at Kalles Group is to help secure the future for companies of all shapes and sizes.

While our expertise spans multiple disciplines, our method remains consistent: building trust and relationship with people -- whether you are a client, a consultant, or--in this case--a candidate.

No matter what role you come from--whether you're an executive or just starting your career-you can expect our highest level of attention and respect. We want to find the right fit for each role, but we also want you to find the right fit for your career.

We believe the best way to show you what our team is like is to treat you like you're already a part of it. We hope you'll consider joining our team of experienced professionals who are building their careers at Kalles Group—and having fun while doing it.

WHAT YOU WILL DO:

As a Privacy Analyst, you will play a critical role on the IT Information Security and Compliance team, focusing on privacy risk management and regulatory compliance across multiple frameworks, including California Privacy Law, HIPAA, GDPR, and international PII regulations. You will ensure the delivery of high-quality assessments, foster a strong PIA (Privacy Impact Assessment) process, and collaborate closely with business stakeholders to meet organizational compliance and privacy goals. This role involves supporting client privacy initiatives, including the mobile app, and requires expertise in enterprise-wide platforms, technical problem-solving, and adherence to company best practices.

We anticipate this role being up to 40 hours/week. We are open to C2C.

You will:

Privacy Impact Assessments (PIA):

• Support with Privacy Impact Assessments (PIAs) to identify and document personal information (PI) use justifications.
• Collaborate with key stakeholders and business owners to update or create new PIAs.
• Organize and facilitate meetings with business units to guide them through the PIA process.
• Follow up with additional Points of Contact to ensure understanding of business processes and PIAs.
• Update PIA documentation, including descriptions of initiatives, PI data flows, data subject categories, data collection and use cases, internal and external sharing, storage and retention periods, and cross-border transfers.
• Review assessments for completeness and accuracy, providing risk rankings based on findings.
• Identify additional processes required post-PIA completion, such as DPAs, DPIAs, ROPAs, or DSR mappings.
• Follow PIA processes as outlined in Standard Operating Procedures (SOPs).
• Update existing SOPs to reflect changes in the PIA process.
• Draft new SOPs for the PIA process.
• Assist with building out the Confluence site to document processes and resources.
• Help identify key business stakeholders for ongoing collaboration.

 General Privacy and Risk Management:

• Ensure alignment with organizational compliance requirements and industry best practices.
• Drive innovation and influence the delivery and performance of privacy risk management initiatives.
• Partner with legal, compliance, and business stakeholders to meet security, privacy, and risk objectives.

ABOUT YOU: 

• Your values:
  • Integrity: You believe in doing the right thing, even when it's uncomfortable, seemingly inefficient, or costly.
  • Purposefulness: You have a desire to serve others with your skillset and an openness to continuous learning and growth.
  • Ownership: You stick to your commitments, follow up with action, and seek clarity in communication & expectations.

Preferred experience:

• Experience in privacy risk management, regulatory compliance, or related fields.
• Hands-on experience with privacy regulations and frameworks, including California Privacy Law, HIPAA, GDPR, and PII management (domestic and international).
• Proven expertise in conducting Privacy Impact Assessments (PIAs).
• Strong understanding of data flows, privacy justifications, and risk-ranking methodologies.
• Experience developing and updating SOPs and maintaining Confluence or similar documentation tools.
• Ability to collaborate effectively with cross-functional teams and key stakeholders.
• Exceptional problem-solving, communication, and analytical skills.
• Bachelor’s degree in Information Technology, Business Administration, or a related field.

Preferred certifications:

• Certified Information Privacy Professional (CIPP).
• Certified Information Systems Auditor (CISA).
• Certified Information Security Manager (CISM).
• GDPR certification or other relevant data protection certification.

WHAT WE OFFER:

• Competitive compensation with opportunities for additional incentives. The salary for this role is $100-125K/year
• Work/life balance – we know there’s more to life than work! We encourage our team to pursue other passions, get outside, and spend time with family. We work with clients and consultants to set expectations for a manageable workload.
• Opportunities to connect in person and remotely with a passionate, supportive team.

LOCATION:

Kalles Group is steadily growing our talent pool across the USA!  We are currently able to hire in the following states: Arizona, California, Washington and Texas. If you would like to request more information, please reach out to talent@kallesgroup.com.

HOW TO APPLY:

Please fill out the form below (including uploading your most recent resume) and we'll be in touch! We know imposter syndrome can be a barrier to many great applicants. We hope you'll still consider applying. That's why we've made the application process as short and simple as possible.

Even if you're not a fit for the role, you can expect to hear back from us! We want you to have the best experience as a candidate, so please feel free to share feedback at any stage of the process to talent@kallesgroup.com.

Kalles Group is an equal-opportunity employer and does not discriminate on the basis of creed, nationality, race, ethnicity, disability, gender, or other protected class.