4677 – Compliance & Privacy Analyst/Sr. Analyst

The Compliance & Privacy Analyst/Engineer role serves as a key steward of client trust by ensuring that compliance and privacy interactions are handled accurately, efficiently, and with transparency.

This role leads the day-to-day management of client security questionnaires and privacy requests, acting as the primary liaison between clients and internal subject-matter experts. By coordinating cross-team responses, maintaining compliance with industry standards, and continuously improving communication and processes, this role helps nurture long-term client relationships and organizational credibility. Bringing together practical security framework knowledge and a commitment to responsive service, the role drives both operational excellence and reputational integrity, making client trust the foundation of every task.

This role will perform detail-oriented analysis to support our organizations privacy program and ensure compliance with data protection regulations. The analyst/engineer will be responsible for evaluating data practices, conducting risk assessments, assisting in privacy impact assessments (PIAs), and supporting privacy-related policies and procedures across the organization.

Responsibilities:

– Act as the main contact for client security and privacy requests, ensuring prompt and accurate responses to build confidence and trust.

– Coordinate with internal teams to collect information and answer client security questionnaires for compliance with industry standards.

– Maintain records and update documentation related to client security and privacy requests.

– Identify and recommend ways to streamline and improve response processes.

– Communicate clearly and collaborate across teams to keep clients informed and supported.

– Lead and support Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) for new projects and systems ensuring compliance with global data protection laws and internal privacy policies (e.g., GDPR, CCPA, HIPAA, etc.)

– Collaborate with cross-functional teams to embed privacy-by-design into projects and products.

– Assist in the development and delivery of privacy training and awareness programs.

– Support internal audits and external assessments related to data privacy and protection.

Requirements:

– Experience in security governance, risk, compliance, privacy, or related roles (typically at least 2-4 years).

– Working knowledge of data privacy laws and frameworks (e.g., GDPR, CCPA, HIPAA, NIST and ISO 27701)

– Strong communication and organizational skills to manage multiple tasks and deadlines.

– Ability to work independently and foster collaboration, always putting client trust first.

– Familiarity with industry frameworks like SIG Questionnaire, SOC2, or NIST.

– Basic knowledge of GRC tools (E.g. OneTrust, Drata etc.)

– Beginner to advanced knowledge of privacy concepts.

Location:

This is a HYBRID role based out of our client’s Newark, NJ office.  Candidate would be in-office Tuesday/Wednesday/Thursday and work from home Monday & Friday