The GRC Privacy Senior Analyst position is responsible for monitoring and communicating the requirements necessary to be compliant with global privacy regulations. This person will work with other Enterprise Risk & Resiliency service families and the business to ensure privacy requirements are understood and implemented. They will also support and mentor other GRC governance Analysts I, III or III and Co-Ops & interns.
- Monitor and communicate changes to privacy regulations, translating regulations into practical guidance wherever SW conducts business
- Advise business leaders and technology teams on privacy, data protection, and riskInfluence cross-functional stakeholders to drive privacy by design principles
- Conduct gap analysis for new laws and develop and execute remediation plan
- Using strong strategic thinking skills conduct complex privacy risk assessments, anticipate regulatory trends and contribute to the GRC roadmap.
- Conduct Privacy Impact Assessments, Records of Processing and Data Mapping globally
- Conduct Regional Maturity Assessments and collect evidence
- Manage the Global Privacy Portal for privacy questions, complaints, or issues
- Manage the global Data Subject Request (DSR) process
- Provide governance on cookie categorization and cookie audits
- Provide support with internal & external legal counsels
- Manage internal audits including PCI, SWIFT and HIPAA
- Strong decision-making capabilities when handling ambiguous and evolving regulatory requirements.
- Monitor and ensure compliance requirements are being met and maintained i.e., websites, marketing campaigns and new projects or applications
- Influence outcomes through clear, persuasive communication, data driven insights, and recommendations.
- Maintain Global Business Landscape Statistics which include SW locations, functions of employees, and count of employees
- Maintain the data sensitivity Matrix
- Maintain Governance Calendar and ensure activities are completed
- Respond to emails in the privacy@sherwin.com email box
- Report monthly metrics
- Complete special projects as requested
This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa. Must be legally authorized to work in the country of employment without needing sponsorship for employment work visa status now or in the future.
Job duties include contact with other employees and access confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company’s staff, employees, and business relationships
Must be eighteen or older.
This role is remote.
