Jobs · Information Technology · Massachusetts

Security & Privacy Analyst

Apps Associates · Acton, MA · 3 wk ago
HybridInformation TechnologyFull-time

Key Responsibilities

  • Support the organization's information security and compliance programs.
  • Assist with customer security assessments, questionnaires, and due diligence requests.
  • Support annual audits and certifications, including SOC and ISO-related activities.
  • Collect, organize, and maintain compliance evidence and documentation.
  • Affiliate policy development, maintenance, and periodic reviews.
  • Monitor regulatory, contractual, and customer security requirements.

Privacy & Data Protection

  • Support compliance with applicable privacy regulations, including GDPR, CCPA/CPRA, and other data protection requirements.
  • Cook Data Subject Access Requests (DSARs) and other privacy-related requests.
  • Maintain Records of Processing Activities (RoPA) and privacy documentation.
  • Participate in Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
  • Affiliate vendor privacy reviews and data protection agreement tracking.
  • Affiliate privacy incident documentation and response activities.

Risk Management & Governance

  • Support third-party risk management and vendor assessments.
  • Affiliate risk assessments and remediation tracking.
  • Maintain governance, risk, and compliance records and reporting.
  • Affiliate security and privacy metrics, reporting, and dashboards.
  • Affiliate implementation and administration of governance, risk, and compliance (GRC) platforms.

Training & Awareness

  • Coordinate security and privacy awareness initiatives.
  • Affiliate compliance training administration and tracking.
  • Develop communication and awareness materials to promote security and privacy best practices.

Cross-Functional Collaboration

  • Partner with Security, Legal, Contracts, Human Resources, IT, and business teams to support compliance objectives.
  • Affiliate customer and vendor contract reviews related to security and privacy requirements.
  • Participate in internal projects to ensure security and privacy considerations are appropriately addressed.
  • Affiliate customer, vendor, and audit inquiries as needed.

Qualifications

  • 3–5 years of experience in information security, privacy, compliance, governance, audit, risk management, or a related field.
  • Working knowledge of information security principles and controls.
  • Familiarity with security, privacy, and compliance frameworks and regulations, including HIPAA, PCI DSS, FERPA, GDPR, CCPA/CPRA, or similar requirements.
  • Strong organizational, analytical, and documentation skills.
  • Excellent written and verbal communication skills.
  • Ability to manage multiple priorities in a fast-paced environment.
  • Ability to work independently with limited supervision.
  • Proficiency with Microsoft Office applications, including Excel, Word, and PowerPoint.

PREFERRED EXPERIENCE

  • Support SOC 1, SOC 2, ISO 27001, or similar compliance frameworks.
  • Experience with vendor risk management and customer security questionnaires.
  • Familiarity with privacy assessments, data mapping, and data governance activities.
  • Experience with governance, risk, and compliance (GRC) platforms.
  • Knowledge of artificial intelligence (AI) technologies, AI governance frameworks, privacy considerations, and emerging regulatory requirements (e.g., ISO 42001, EU AI Act) is highly desirable.

Professional Qualities

  • Strong attention to detail and follow-through.
  • Ability to work independently and collaboratively.
  • Sound judgment and professionalism when handling sensitive and confidential information.
  • Curiosity and willingness to learn across security, privacy, governance, compliance, and AI disciplines.
  • Strong customer service mindset and ability to communicate effectively with technical and non-technical stakeholders.
  • High degree of integrity, ethics, and accountability.

Why Join Apps Associates?

  • This role offers a unique opportunity to work directly with executive leadership while contributing to a global security, privacy, and compliance program.
  • The successful candidate will gain broad exposure to cybersecurity, privacy, governance, audit, risk management, AI governance, customer compliance initiatives, and emerging technologies within a growing professional services organization.

Similar jobs

Privacy Analyst

UltraViolet CyberArlington, VA· Yesterday
apply on jobs.lever.co

Privacy Analyst

UChicago MedicineIllinois, United States· 1 wk ago
Managementapply on fa-etnf-saasfaprod1.fa.ocs.oraclecloud.com

Privacy Analyst

LaddersUnited States· 1 wk ago
RemoteManagement$135k–$159k/yrapply on theladders.com

Privacy Analyst

CoinbaseSan Francisco, CA· 1 wk ago
RemoteManagementapply on grnh.se

Privacy Analyst

Gemini IndustriesGreater Richmond Region· 1 mo ago
Managementapply on phe.tbe.taleo.net