Third Party Privacy Risk Analyst

Summary

Viking is seeking a highly motivated and dedicated Third Party Privacy Risk Analyst to join our Data Privacy team in Woodland Hills, CA. Reporting to our Director Privacy within the Internal Audit department, you will primarily focus on third-party vendor privacy risks management throughout the entire vendor engagement lifecycle, including privacy risk assessments, onboarding, controls implementation, vendor inventory, ongoing monitoring, and offboarding. You will interact with vendors and collaborate with internal Viking business owners to effectively address privacy-security issues. Additionally, you will support the team in developing and implementing data mapping and may be involved in other privacy projects as needed.

Our ideal candidate will have some background in cybersecurity and a strong understanding of data protection principles, privacy frameworks, US state laws, and GDPR. Prior experience in third-party vendor privacy risk management is highly preferred.

This is a hybrid position based in our Woodland Hills, CA office. You will be required to adhere to our hybrid work policy, working from our office Monday, Wednesday and Thursday on a weekly basis.

Job Responsibilities :

• Collaborate with Viking business owners in the third-party vendor onboarding .
• Initiate, manage, and review third-party risk assessments, review vendor security infrastructure, identify risks and suggest mitigation measures.
• Collaborate with IT to implement necessary controls and mitigation measures from privacy risk assessments.
• Monitor vendor assessment status, vendor audits, and requalification on a scheduled plan.
• Prepare regular reports and keep them current.
• Create and review templates for privacy-security risk questionnaires, checklists, AI tools assessments, and other necessary forms.
• Identify offboarding activities and collaborate with IT to ensure compliance with privacy laws and security standards.
• Collaborate with cross-functional teams to align privacy laws, security standards, and business imperatives.
• Stay updated on data privacy regulations, AI functionalities, and cybersecurity guidelines, recommending changes as needed.
• Support our data mapping project by identifying and documenting data sources, data flow, data storage and ensure accurate data tracking.
• Assist with the development, review, update, and implementation of privacy / security policies and procedures.
• Conduct data privacy impact assessments on software applications as requested.
• Support privacy program goals as directed by the supervisor.
• Assist with other department initiatives and projects as needed.
• Assess privacy-related risks from existing products and services.

Job Requirements :

What We Offer You :

Viking is a certified Great Place to Work company. This certification is a result of our commitment to excellence, integrity and our teams’ outstanding contributions.

About Viking

Viking was founded in 1997 and provides destination-focused voyages on oceans, rivers and lakes around the world. Designed for experienced travelers with interests in science, history, culture and cuisine, Chairman Torstein Hagen often says Viking offers experiences for The Thinking Person®.

Viking has more than 250 awards to its name, including being rated #1 for Rivers, #1 for Oceans and #1 for Expeditions by Condé Nast Traveler and voted at the top of its categories by Travel Leisure. No other cruise line has ever received these same honors by both publications at the same time.

Salary : $95,000 - $110,000