Lead data privacy and security assessments for systems managing PII, evaluate controls, identify gaps, and prepare detailed reports to ensure compliance with privacy laws.
Job Description SummaryGE is seeking a qualified professional with expertise in data privacy regulations to support global compliance initiatives. This role involves leading and conducting data privacy risk assessments, security assessments and information security audits across systems processing personally identifiable information (PII), using established frameworks to evaluate privacy and security controls, identify gaps, and prepare detailed assessment reports. The candidate will work closely with business teams to address and remediate issues, ensuring compliance with international and emerging privacy laws such as GDPR, HIPAA, DPDP, and LGPD.Job Description
Roles and Responsibilities:
- Lead and perform data privacy assessments for systems managing personally identifiable information.
- Evaluate the design and operational effectiveness of privacy / security controls by partnering with control owners and stakeholders.
- Identify control deficiencies, support remediation efforts through resolution, and report non-conformances in a timely manner.
- Prepare and deliver comprehensive summary reports for each data privacy / security assessment or review.
- Align all activities with the Unified Control Framework (UCF) to maintain consistency and compliance across processes.
- Maintain clear and proactive communication with application teams regarding assessment scope, expectations, and timelines.
- Drive initiatives to improve processes and enhance efficiency through automation and streamlined controls.
- Educate project teams on privacy regulations and related IT control requirements to promote awareness and ensure regulatory compliance.
- Establish operating rhythm to report out on key metrics including status of assessments and issue management.
- Ensure audit readiness, provide audit support, and manage audit-related activities to facilitate successful outcomes.
Qualifications & Skills:
- Bachelor’s degree in information security, Computer Science, Information Technology, Law, or a related field.
- Some years of experience in data privacy, information security, IT audit, compliance, or risk management.
- Strong knowledge of global data privacy laws and frameworks (e.g., GDPR, LGPD, DPDP) and U.S. health data regulations (HIPAA).
- Solid understanding of the concept of personally identifiable information (PII) and its protection requirements.
- Familiarity with IT security concepts, IT controls: including access management, infrastructure, encryption, and cybersecurity practices.
- Ability to identify appropriate testing procedures and assess the effectiveness of technology and privacy controls.
- Strong communication skills with the ability to explain complex issues to both technical and non-technical audiences, including engineering, legal, and project teams, focusing on risk and impact.
- Critical thinking and analytical skills to interpret data, identify trends, and assess privacy risks.
- Self-driven with the ability to independently plan and manage assessment schedules.
- Proficiency in English, both written and verbal.
Desired Characteristics
- Internationally recognized information security/information system audit certification/qualifications such as CISA, CISM, CISSP or CIA (IAPP)
- Experience with GRC tools (e.g., Archer, ServiceNow GRC).
- Experience conducting risk assessments, identifying gaps, and recommending mitigation strategies.
- Experience supporting audits and managing audit readiness activities.
Relocation Assistance Provided: No
Top Skills
Archer
Dpdp
Gdpr
Grc Tools
Hipaa
Lgpd
Servicenow Grc
Similar Jobs
Artificial Intelligence • Healthtech • Analytics • Biotech
The Senior Digital Auditor conducts IT security assessments, develops assessment approaches, prepares reports, engages with business units, and remediates control gaps to enhance the security posture.
Top Skills:
Audit Analytics ScriptsCobitIsoIt Risk Assessment FrameworkNistPci
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
As a Corporate Sales Engineer, you will leverage expertise in Next-Gen SIEM to support sales efforts, conduct demonstrations, and collaborate effectively with teams.
Top Skills:
AWSAzureGCPLog Management TechnologyNext-Gen Siem
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
The role involves leading backend engineering efforts in a distributed system, building cloud-based solutions, and mentoring within a collaborative team.
Top Skills:
AWSGitGoKafkaKubernetesOpensearchRedis
What you need to know about the Los Angeles Tech Scene
Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
