Privacy Compliance Specialist

Job Summary

GoTo Foods is seeking a Privacy Compliance Specialist to help our Privacy & Compliance program. The incumbent will assess policies, procedures, and operations to ensure they meet risk and compliance requirements, aid in risk and compliance processes, perform administrative tasks in records and information management, and perform other risk and compliance tasks to help accelerate our mission of Feeding People and Potential.

The incumbent will have experience in risk coordinating, managing, and administering business content, performing, and analyzing supplier assessments, and providing services to the business and shared services.

The incumbent must have a solid understanding of technology and data protection and a solid understanding of information assurance and security along with a familiarity of IT auditing concepts, either as an auditor or as an auditee.

The ideal candidate will have familiarity with common compliance requirements in the retail industry.

Essential Functions

• Assisting in the performance of Data Subject Requests using our current tools.
• Assisting the GRC Analyst in Supply Chain Risk Management program tasks.
• Assists implementations of plans governing compliance, risk, and data management
• Assisting in tracking, and reporting on awareness training and testing
• Assists in data entry of controls, mitigation plans, and processes for the Security and Privacy Team.
• Facilitates and monitors performance of risk remediation tasks, changes related to risk mitigation & reports on findings.
• Documents technology risks and controls
  
  

Education

• Bachelor’s Degree or equivalent work experience with a focus on Cybersecurity, Information Technology, Information Management, Risk, or Audit preferred
  
  

Work Experience

• Prior experience performing security reviews and risk assessments preferred.
• Prior experience working in risk management programs preferred.
• Exposure to privacy and compliance regulations including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and the Payment Card Industry Data Security Standard (PCI DSS)
• Project management experience is highly desirable
• Experience in retail or food and beverage is desirable
  
  

Skills

• Works independently under general supervision with considerable latitude for initiative and independent judgment
• Excellent communication, interpersonal, organizational, and writing skills, including plan status, results, and presentations
• Solutions-oriented team player, with a track record of identifying and implementing creative solutions
• Ability to understand, analyze, and interpret complex regulatory, and IT-related documents.
• Ability to communicate complex, technical concepts to a variety of stakeholders, to include executive team, business leaders and technical ability to develop and maintain positive business relationships and foster an environment of mutual respect, understanding, trust, and support.
  
  

Certifications

• Information Security certifications (e.g., CISSP, CISA, CRISC); preferred
• One or more IAPP CIPP certification(s) a plus
  
  

Travel Requirement

• None