Senior Privacy Analyst
CME Group is the world's leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. We're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.
To learn more about what a career at CME Group can offer you, visit us at www.wherefuturesaremade.com .
This position supports and reports to the Sr. Director, Information Governance. This role is specifically responsible for performing daily operational activities within the Privacy Office to assist with demonstrating compliance with Privacy laws, regulations and other obligations. This role will also be responsible for conducting training and awareness activities related to Privacy and Confidentiality, in coordination with Global Information Security (GIS). Responsibilities and Duties
Qualifications and Experience:
- Assists with the privacy risk assessments and advises on appropriate corrective actions.
- Identifies, reports and monitors privacy vulnerabilities and risks within RSA Archer.
- Assists with breach investigations in collaboration with the business, legal and GIS.
- Monitor compliance with policies by conducting impact assessments on current and new processes.
- Provide guidance and facilitate input for contractual agreements.
- Track and manage required registrations and certifications (e.g. DPO, PCI, etc.)
- Assist with updating and/or creating policies, procedures and standards, and conduct applicable training and awareness activities.
- Keep abreast of regulatory changes and determine potential impacts to the business or relevant policies.
- Participate in continuing education, seminars, and professional organizations to maintain up-to-date knowledge of new issues and regulatory developments.
- Completes responsibilities with limited supervision while keeping management abreast of their activities and the progress.
- Bachelor's degree or equivalent educational or professional experience and/or qualifications in business, pre-law, or information security and privacy.
- Familiarity with privacy laws, regulations, frameworks, and industry practices.
- Demonstrable privacy or compliance experience required
- Experience with identifying and assessing risk and ability to drive improvements in identifying reasonable solutions.
- Experience with RSA Archer Vendor Management tool and SharePoint Administration a plus
- Strong communication, facilitation, and relationship building skills
- Experience working with global teams having different skillsets from Information Technology, Human Resources, Legal, Finance, etc.
- Comfortable dealing with all levels of management
- Strong analytic skills
- Technical skills, required
- Highly organized with excellent time management and related organizational skills, including appropriate sense of urgency, a proactive approach, and a suitable ability to anticipate and manage project lifecycle events, issues and obstacles