- Full Time
IG Compliance and Privacy Analyst
Cooley is seeking an IG Compliance & Privacy Analyst to join the IS Information Governance team.
Position summary: Cooley Information Services (IS) embraces a culture of customer service excellence and all members of the department are expected to move this agenda forward. To that end, the IG Compliance & Privacy Analyst is expected to recognize that the Cooley IS Department is a service organization first and foremost and will be evaluated on this requirement equal in importance to the technical or operational responsibilities outlined later in this document.
The IG Compliance & Privacy Analyst will work with Privacy Counsel, Information Services, Information Governance and the office of General Counsel to maintain and monitor the firm’s compliance with applicable privacy standards and client requirements. Additionally, the IG Compliance & Privacy Analyst will monitor the firm’s vendors’ compliance with the ISO 27001 framework, regulatory requirements, client requirements, and firm policies and procedures. The IG Compliance & Privacy Analyst will participate in developing procedures and metrics to support the firm’s privacy, risk, compliance and assurance programs. This position will be responsible for maintaining the firm’s data map, privacy compliance checklists, inventory of applicable privacy standards, and inventory of applicable privacy agreements.
Support business privacy objectives and policies of the firm
Participate in compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures
Monitor activities of assigned IS areas to ensure compliance with internal policies and standards.
Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance
Provide guidance to business functions on compliance/security-related matters
Maintain the firm’s ISO 27701 certification
Develop and maintain metrics that assess the firm’s privacy compliance initiatives
Assess and track the firm’s compliance with existing and future global privacy regulations
Participate in privacy, risk and compliance forums and organizations to learn new ideas to solve problems
Monitor, report on and ensure compliance with applicable regulations (GDPR, CCPA, HIPAA, etc.) and with Cooley’s data protection policies and procedures
Build processes to track and control storage and usage of Personally Identifiable Information (PII)
Prepare reports on data protection program activities
Maintain the firm’s data map, privacy compliance checklists, inventory of applicable privacy standards, and inventory of applicable privacy agreements
Participate in relevant working groups dealing with data processing activities, including regular participation in meetings with management
Assist with fulfilling subject access requests, including documenting the necessary information and liaising with key stakeholders, where required
Assist in all privacy-related projects and initiatives
Along with the other members of the Privacy & Security Compliance team and Privacy Counsel, prepare for and participate in audits
All other duties as assigned or required
Skills and experience:
3+ years of experience with governance, risk and compliance (GRC) processes and solutions, including experience in information security and auditing data privacy program elements
Demonstrated ability to apply IS-related knowledge and experience in solving compliance issues
Relevant experience in security compliance, risk management, quality assurance or compliance
Bachelor’s degree in Information Technology or Computer Information Systems
Certifications: CIPP/US, CIPP/E, CIPP/A
Advanced knowledge of GDPR, CCPA and/or HIPAA
Excellent communication skills
Strong organizational skills
Excellent judgment, attention to detail, communication and presentation skills, and the ability to develop professional and thoughtful materials
Strong sense of accountability
Ability to analyze needs and to determine priorities based on business objectives
Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices. EOE.
$95,000 – $145,000 is the compensation range specific to this role. Please note that final offer amount will be dependent on geographic location, experience and skillset of the candidate.
Additionally, see below for a description of bonus and benefits generally applicable to those in US offices.
Other compensation may include an annual discretionary merit bonus.
Employees in this role will have the option to elect various benefits, including medical, dental, vision, accidental death and dismemberment, life insurance, dependent life insurance, long term disability, long-term care insurance, health savings accounts (if enrolled in an HDHP) and health/dependent care spending accounts.
401(k) and profit sharing.
Paid Time Off (PTO). 21 days accrued per calendar year.
Ten paid holidays each year.
Other benefits include the option to participate in our tuition reimbursement program and wellness program, which includes fitness reimbursement each year.
The salary range in other markets will vary.