GRC Analyst II, Privacy Operations

Full Time
4 months ago
GRC Analyst II - Privacy Operations 

REMOTE

HashiCorp is a fast-growing startup that solves development, operations, and security challenges in infrastructure so organizations can focus on business-critical tasks. We build products to give organizations a consistent way to manage their move to cloud-based IT infrastructures for running their applications. Our products enable companies large and small to mix and match AWS, Microsoft Azure, Google Cloud, and other clouds as well as on-premises environments, easing their ability to deliver new applications for their business.

We’re looking for a privacy operations specialist to help continually develop and mature the privacy program. This role will be heavily focused on assisting with building out, automating, and managing privacy operations capabilities across HashiCorp. We’re looking for a self-motivated individual who thrives in fast-paced environments, can seamlessly drive efforts with multiple stakeholders to accomplish bold things, has demonstrable experience in operational privacy and is comfortable working across the breadth and depth of a privacy program.

Security at HashiCorp is a remote team. While prior experience working remotely isn't required, we are looking for team members who can perform well given a high level of independence and autonomy.

HashiCorp embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.

In this role, your responsibilities will include to:

  • Work with multiple work streams and/or teams to execute against project plans
  • Handle and prioritize completing efforts within the privacy function
  • Documentation of key new and expanding privacy processes
  • Assist with driving assessment of new data privacy laws and regulations and implementing privacy program changes based on the assessment outcomes
  • Perform data protection impact assessments (DPIAs) and privacy impact assessments (PIAs) of products and processes involving personal data
  • Assist with vendor privacy risk reviews, including review of data protection addendums (DPAs) and subprocessor ongoing management
  • Assist with management of data subject rights request process, including intake, management, delivery, and response
  • Assist with development and delivery of broad and role-based privacy training
  • Assist with audit readiness preparation and external privacy audits
  • Define, collect, and report on metrics for the privacy program
  • Continually improve the privacy program, policies, and processes
  • Help with common GRC activities as needed

Must-Have Qualifications

  • 2+ years of experience working in privacy
  • ​​Previous experience in a cloud environment, preferably AWS and/or Azure
  • Deep understanding of privacy requirements and regulations, such as CCPA & GDPR
  • Strong privacy compliance experience, including: performance of impact assessments, data inventory efforts, and management of data subject rights requests.
  • Comfortable working with both deeply technical and non-technical audiences
  • Develop relationships in a highly cross functional environment
  • Highly responsive and have a customer first mindset 
  • Flexibility in daily hours (i.e., willingness to work longer hours during end of quarter, peak periods and audits)
  • Ability to prioritize and track multiple projects in parallel

Desired Qualifications

  • 3+ years of relevant experience, including enhancing a privacy program
  • Understanding of evolving privacy landscape and introduction of new laws and regulations globally 
  • Previous experience at a technology or SaaS company in similar role
  • Certifications, such as an IAPP certification (CIPP/E, CIPM, CIPT)
About the Application Process

Please note, as communication is a critical aspect of how we work, a cover letter is a great way to provide a sample of how you communicate. In your cover letter, describe why you're interested in working at HashiCorp, and what draws you to this role in particular.

HashiCorp embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.

#LI-AZ1#LI-REMOTE

Individual pay within the range will be determined based on job related-factors such as skills, experience, and education or training.

The base pay range for this role in the SF Bay Area / NYC area is:$157,300—$185,000 USDThe base pay range for this role in Seattle Metro, Denver / Boulder Metro, New York (excluding NYC), Washington D.C., or California (excluding SF Bay Area) is:$144,200—$169,600 USDThe base pay range for this role in Colorado (excluding Denver / Boulder Metro) and Washington (excluding Seattle Metro) is:$131,100—$154,200 USD