About Northeastern: Founded in 1898, Northeastern is a global research university and the recognized leader in experience-driven lifelong learning. Our world-renowned experiential approach empowers our students, faculty, alumni, and partners to create impact far beyond the confines of discipline, degree, and campus.
Our locationsin Boston; Charlotte, North Carolina; London; Portland, Maine; San Francisco; Seattle; Silicon Valley; Toronto; Vancouver; and the Massachusetts communities of Burlington and Nahantare nodes in our growing global university system. Through this network, we expand opportunities for flexible, student-centered learning and collaborative, solutions-focused research.
Northeastern's comprehensive array of undergraduate and graduate programs in a variety of on-campus and online formatslead to degrees through the doctorate in nine colleges and schools. Among these, we offer more than 195 multi-discipline majors and degrees designed to prepare students for purposeful lives and careers.
About the Opportunity: The primary role of the Privacy Analyst is to support and direct the operational functions of the University's Privacy Program by: assisting the Chief Information Security Officer (CISO) in the strategic design, development and implementation of an integrated and comprehensive privacy program and in formulating the university's agenda for meeting institutional privacy obligations consistent with the university's mission, Academic Plan and global presence; and providing day-to-day oversight of the Privacy Program to address fundamental privacy issues and procedures related to safeguards for and management of access to personal data, in keeping with applicable laws, regulations and policies. The Privacy Manager will report to the Information Security Risk and Compliance Manager.
The Privacy Analyst will be responsible for effective collaboration with the Office of the General Counsel (OGC) and Compliance Department, as well as academic and business units in developing a strategic and compliant approach to data privacy, including in evaluating and managing data privacy risks, developing standards, policies, and enterprise-wide procedures, and providing guidance across the university on privacy issues, including third-party contracts and incident response. The ideal candidate should possess a combination of business knowledge, technical skills, people and communication skills, and the ability to guide data strategy and control standards.
Responsibilities: Monitor the university's program for privacy compliance in multiple jurisdictions, including, for example, under the GDPR and California and Canadian privacy laws; administer a program for intake, response and tracking of reported privacy-related concerns and participate in the university's incident response plan process; monitor Privacy and GDPR mailboxes; participate or staff standing committees that encompass privacy issues, such as the Privacy Oversight Council
Serve as point of contact for requests for records review and for obtaining OGC approval; serve as a privacy resource on legal requirements, access to and release of personal data, and development of tools and protocols, including privacy notices and consent forms
With OGC, develop and advance a consistent program for data subjects' access rights; collaborate on privacy initiatives with university officials having privacy responsibilities, for example the Registrar and Director of the Office of Human Subject Research Protection
Develop and deliver communications and training materials on privacy issues and best practices for diverse constituents
Conduct periodic information privacy impact assessments; coordinate regular reviews of policies related to privacy; participate in risk assessment process and development of risk management and mitigation plans
Bachelor's Degree required.
Four or more years of experience in a privacy-compliance role
Detailed knowledge of federal, state and international laws and regulations concerning privacy and information security
Strong analytical skills to effectively perform confidential privacy investigations, including preparing appropriate corrective action plans
Demonstrated ability to work effectively in teams and groups to plan, implement, and influence organizational change
Excellent oral and written communication skills, as well as strong classroom, platform, group facilitation, and consultation skills
Competence in resolving problems/conflicts in a diplomatic and tactful manner; exercising discretion in handling confidential information
Experience working in higher education and/or a complex organization
CIPT, CIPP or CIPM certification
Preferred Qualifications: N/A
Salary Grade: 12
Additional Information: A criminal background check is required for this position.
Northeastern University is an equal opportunity employer, seeking to recruit and support a broadly diverse community of faculty and staff. Northeastern values and celebrates diversity in all its forms and strives to foster an inclusive culture built on respect that affirms inter-group relations and builds cohesion.
All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, religion,
color, national origin, age, sex, sexual orientation, disability status, or any other characteristic protected by applicable law.
Founded in 1898, Northeastern University is a private research university located in the heart of Boston. Northeastern is a leader in worldwide experiential learning, urban engagement, and interdisciplinary research that meets global and societal needs. Our broad mix of experience-based education programs?our signature cooperative education program, as well as student research, service learning, and global learning?build the connections that enable students to transform their lives. The University offers a comprehensive range of undergraduate and graduate programs leading to degrees through the doctorate in nine colleges and schools.