Job Title

We are seeking a self-motivated compliance and data privacy analyst to support National Pen's & compliance and data privacy program. We are looking for an individual familiar with SOX ITGC compliance and with major data privacy laws to include GDPR and CCPA/CPRA, possessing 2-3 years related work experience in these areas. Primary Responsibilities: Supporting the Data Privacy and Compliance lead and Manager with compliance and privacy initiatives aligned to SOX-ITGC, GDPR, and CCPA/CPRA. Reviewing quarterly SOX user testing / access review submissions to ensure accuracy and completeness of data, as well as appropriate formatting per known SOPs and guidelines. Helping in vendor & 3rd party risk assessment. Reviewing vendor contracts, MSA, SOC2 type 2 report and ISO certification validation etc. ROPA: Record or processing activities assessment Supporting technical implementation of data privacy initiatives to include website cookie preference banners, Global Privacy Control (GPC) sensing and data tagging, and customer opt-out from 3rd party data sales and sharing. This involves close coordination with National Pen's technical product teams. Preferred Experience and Skills: Two or more years of experience in a compliance and/or data privacy analyst role focusing on SOX ITGC and/or GDPR/CCPA/CPRA. Data protection impact assessment ROPA: Record or processing activities assessment Vendor and third-party risk assessment Information Technology background, with an understanding of common networking encryption, computing, and communication technologies at a technical level. Preferred Attributes and Qualifications: Ability to excel in a dynamic environment with rapidly changing priorities. Discretion with respect to best practices in information security. Discretion in communication with respect to the audience and nature of information communicated. CIPT, CIPP (US/E) or (EU), ISO/IEC 27001 Lead Auditor (LA) , PCI-DSS v4.0 Compliance any of these certifications are preferred NIST Cybersecurity Framework (CSF) Familiarity What You'll Gain Privacy & Compliance Analyst Hands-on experience with enterprise-grade privacy frameworks, compliance tools, and regulatory workflows. Mentorship from privacy and compliance leads. Exposure to real-world scenarios involving GDPR, CCPA/CPRA, and data protection impact assessments SOX-ITGC controls. A clear growth path toward roles such as Privacy & Compliance Lead.