Data Protection and Privacy Analyst (Data, Security, Analyst)

Data Protection and Privacy Analyst (Data, Security, Analyst)

As the world’s leading video and ecommerce retailer, QVC has a history of growth and success that goes unmatched. We are an $8.8 billion business that reaches over 300 million homes worldwide. QVC continues to grow on-line, on-air, and through mobile and is looking to hire a Data Protection and Privacy Analyst to assist in the execution of the global data protection and privacy program. We are an innovative, technology-driven company that embraces corporate responsibility and is committed to our people.

The Data Protection and Privacy analyst role is responsible for assisting the Director, IT Data Protection and Privacy in the execution of the global data protection and privacy program and standardization of security controls necessary for compliance with data privacy/protection regulations as well as contract obligations. This role helps drive data security efforts by empowering IT operations and project teams with enterprise data security policies, technology standards, industry regulation guidance, awareness campaigns, and best practices. In this role you will:

· Execute procedures for vetting and auditing vendors for compliance with privacy and data security policies and legal requirements

· Perform impact assessments when organization creates or changes procedures for handling confidential data or as applicable regulations require

· Examine data security controls, identify data privacy protection gaps, and advise necessary remediation

· Develop, maintain and update Data Governance Policy, related standards and documentation

· Collaborate with Legal, Audit, and Compliance to assure sustained compliance with privacy policy and industry laws and regulations

· Assist with the development and execution of privacy and data protection control testing and reporting; proactively devising solutions to any privacy issues found in testing

Requirements for Data Protection and Privacy Analyst (Data, Security, Analyst):

· Education: Bachelor’s Degree in Business, Accounting, Information Technology, or other quantitative discipline.

· experience within privacy and data protection, information security, compliance or legal experience working for a multi-national organization

· Experience within a large retailer or ecommerce business is preferred

· Sound understanding of security principles, such as logical access controls, change control, least privilege, segregation of duties, computer operations, identity and access management, network security, vulnerability management, and secure coding.

· An understanding of data protection regulations and standards (e.g., Safe Harbor/Privacy Shield, EU Data Protection Directive, EU directive 95/46/ec, EU Cookie Law, etc.).

· Strong technology acumen and the ability to assess data privacy gaps in products/services design

· Proficient in information security governance frameworks and related controls

· Experience with common information security management frameworks, such as International Organization for Standardization (ISO) 2700x, ITIL, CSC20, COBIT and National Institute of Standards and Technology (NIST) frameworks

· Broad technical understanding of data management platforms (e.g., IBM DB2, Oracle, Microsoft SQL Server, etc.) and associated data security controls.

· Familiar with global, national and state privacy rules and regulations including regulatory agency requirements

· Familiar with assessing Data protection and privacy contract terms

· Expert understanding of data classification, data protection, and data retention standards and practices.

· Familiarity with common enterprise, web, and mobile application technologies

· Familiarity with developing privacy and information security training programs

· Strong analytical and time management skills

Preferred Requirements for Data Protection and Privacy Analyst (Data, Security, Analyst):

· Certified Information Privacy Professional (CIPP)

· Industry Standard Security certifications including: SANS, CEH, CISA, CISM, CISSP, and CSSLP

The benefits package for the Data Protection and Privacy Analyst (Data, Security, Analyst) role include:

• 23 days holiday

• 20% discount on products sold at QVC and access to onsite discounted staff shop

• Competitive pension scheme

• Health insurance

• Season ticket loan

• Bicycle loan

• Working hours 37.5/week

PLEASE NOTE: You must be eligible to work in the UK to apply for this role

If you’re interested in this Data Protection and Privacy Analyst (Data, Security, Analyst) role, please click “Apply Now”!

Keywords: Data, Privacy, Security, Analyst, Data protection, privacy analyst, security analyst, identity and access management, network security, vulnerability management, security, secure coding.