Protection of our data is a top priority! DocuSign is looking for a Data Management Analyst that will partner with our Security, Privacy and Legal teams to lead our data management and data subject access request programs. This person will drive programs to ensure that enterprise data is available, reliable, consistent, accessible, secure and timely to support mission critical activities across the company.
This position is an Individual Contributor and reports to the Sr. Director of Architecture and IT Business Operations
- Work cross-functionally with the business and technical owners, architecture, privacy and legal teams to build and maintain accurate and up-to-date data processing inventories across the enterprise.
- Manage and administer data inventory tools and provide operational reports to the management teams.
- Partner with key business, technical and legal stakeholders across various business groups to develop and maintain processes related to the data and application inventory life cycle.
- Lead cross functional initiatives to drive our enterprise-wide data protection strategy forward (e.g., risk based application inventory, data classification, access and encryption controls, data discovery\monitoring, etc.)
- Partner with our engineering and marketing teams to drive Data Subject Access requests across our technology stack.
- Work to identify and manage privacy and data protection risks that will drive improvements to the enterprise-wide data protection strategy, policy, processes, and tools.
- S. degree and 5 years of work experience in IT risk consulting, information security, privacy, information systems compliance, or another relevant field
- Knowledge of IT security and privacy risks and best practice controls across multiple technologies and processes
- Working knowledge of NIST, ISO 27001 or ISO 27018, SOC security and privacy principles and provide practical examples of their application across the technical domains
- Solid experience working in "Cloud\SaaS” Infrastructure and Business Applications architectures the ability to address the unique security considerations of secure Cloud computing
- Knowledge and understanding of upcoming General Data Protection Regulation (GDPR)
- Experience in a complex enterprise application environment with integrations and customizations to support multiple business processes.
- Excellent verbal and written communication skills including the ability to present to a wide range of audiences
- Strong project management skills; demonstrated ability to meet deadlines and manage/prioritize simultaneous requests.
- Ability to organize and lead meetings with large stakeholder groups
- Strong team player but also able to work independently without supervision
- Organized and detail-oriented, able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently
- Experience in developing and/or implementing data protection controls, as part of the company’s data protection program in response to company/customer needs
- Executive-level relationship-building skills Data privacy experience (working globally with EU policies), CIPP or CIPT preferred.