Gannett

The position of Privacy Analyst in the Gannett Privacy Office will fulfil a critical role in supporting the Gannett’s privacy program to comply with privacy laws, mitigate risk and build trust with our customers and consumers.

Base Salary Range: $100,000-$120,000 annually

Conduct architecture reviews of ad tech stack and provide privacy guidance to our ad tech teams

• Analyze system designs and data flows to identify and mitigate potential privacy vulnerabilities
• Providing privacy support for security incident response, triaging privacy incident investigation and supporting the Gannett Privacy Office in related breach response
• Assisting in the development and maintenance of privacy content for the company’s privacy intranet
• Support assessments of third-party vendors for privacy compliance
• Website cookie Scanning management
• Stay current with international and domestic privacy laws and regulations, including GDPR, CCPA, HIPAA, and others relevant to our industry.
• Help manage OneTrust suite of privacy modules used by Gannett
• Help to maintain records of data processing activities, data protection impact assessments to demonstrate compliance with applicable data protection laws
• Support responding to data subject rights requests
• Managing program metrics and reporting
• Ad-hoc activities, as required

Strong understanding of data protection laws and regulations (e.g. GDPR, CCPA/CPRA)

• Strong understanding of data privacy principles, risk assessment, and mitigation.
• IAPP certification(s) (CIPM, CIPP, CIPT), or ISO27001 certification(s), or ISACA Privacy Certification 
• OneTrust certification
• Familiarity with Privacy by Design principles
• Experience with conducting impactful reviews (PIAs, audits, process evaluations, gap assessments, etc.).
• Experience with Privacy Enhancing Technologies (PETs) and infrastructure for enabling data analysis in a privacy conscious manner including sharing business insights with customers and advertisers
• Knowledge of the ad tech ecosystem preferred
• Experience with technical privacy concepts (e.g., anonymization, encryption, differential privacy)
• Bachelor’s degree
• 3-5 years experience in privacy compliance

LI-NR2

LI-REMOTE

The annualized base salary for this role will range between $79,200 and $162,000. Base compensation is reflective of many factors, including, but not limited to, the market in which one lives/works, individual education level, skills, certifications, and experience. Note: variable compensation is not reflected in these figures and based on the role, may be applicable.