Data Privacy and Compliance Analyst

We are seeking a self-motivated compliance and data privacy analyst to support NationalPen's & Compliance and Data Privacy Program. We are looking for an individual familiar withSOX ITGC compliance and with major data privacy laws, including GDPR and CCPA/CPRA,possessing 2-4 years of related work experience in these areas.Primary Responsibilities:Supporting the Data Privacy and Compliance lead and manager with compliance and privacy initiatives aligned to SOX-ITGC, GDPR, and CCPA/CPRA.Reviewing quarterly SOX user testing/access review submissions to ensure accuracy and completeness of data, as well as appropriate formatting per known SOPs and guidelines.Helping in vendor & 3rd party risk assessment.Reviewing vendor contracts, MSA, SOC2 type 2 report, ISO certification validation, etc.ROPA: Record of processing activities assessmentSupporting technical implementation of data privacy initiatives to include website cookie preference banners, Global Privacy Control (GPC) sensing and data tagging, and customer opt-out from 3rd party data sales and sharing. This involves close coordination with National Pen's technical product teams.Preferred Experience and Skills:Two or more years of experience in a compliance and/or data privacy analyst role focusing on SOX ITGC and/or GDPR/CCPA/CPRA.Data protection impact assessmentROPA: Record of processing activities assessmentVendor and third-party risk assessmentInformation technology background, with an understanding of common networking encryption, computing, and communication technologies at a technical level.Preferred Attributes and Qualifications:Ability to excel in a dynamic environment with rapidly changing priorities.Discretion with respect to best practices in information security.Discretion in communication with respect to the audience and nature of information communicated.CIPT, CIPP (US/E) or (EU), ISO/IEC 27001 Lead Auditor (LA), PCI-DSS v4.0 Compliance any of these certifications are preferredNIST Cybersecurity Framework (CSF) FamiliarityWhat You'll Gain Privacy & Compliance AnalystHands-on experience with enterprise-grade privacy frameworks, compliance tools, and regulatory workflows.Mentorship from privacy and compliance leads.Exposure to real-world scenarios involving GDPR, CCPA/CPRA, and data protection impact assessments SOX-ITGC controls.A clear growth path toward roles such as Privacy & Compliance Lead.

Apply Now