Risk Analyst III

Job Description

Job Description – add details here

Overall Responsibilities:

Case Management & Execution: Manage the high-volume, end-to-end lifecycle of People Data Subject Rights (DSR) requests with precision and confidentiality.

Regulatory Compliance: Ensure all data requests are handled in strict accordance with global privacy regulations, including GDPR, CCPA, and other "Rest of World" (RoW) requirements.

Program Support: Maintain the stability of the DSR Program by collaborating with the Program Manager and existing team to meet service-level agreements (SLAs).

Data Integrity: Partner with internal stakeholders to securely retrieve, redact, and deliver personnel data while identifying and mitigating potential privacy risks.

Documentation: Maintain comprehensive audit trails and documentation for all data subject requests to support global compliance reviews.

Must Have Skills:

2–4 years of experience in risk management, privacy compliance, or data protection.

Core control in classic risk management structure - any time there is a workforce & private data, need to have a way for folks to access their data, know what they have collected.

Someone who has US or European experience from privacy law perspective would be ideal, CA folks will support primarily US California privacy law

Strong foundational knowledge of global data protection laws (GDPR, CCPA, etc.).

Proven ability to handle "straight up" case management workflows—meaning you are comfortable with process-oriented, high-accountability tasks.

Nice to Have Skills

Direct experience managing DSR or SAR (Subject Access Requests) in a corporate environment.

Familiarity with HR data structures and privacy automation tools.

CIPP/E, CIPP/US, or similar privacy certifications.