Cybersecurity Senior Analyst

About This Role

Support the firm's data privacy incident response processes, including identification, assessment, documentation, and notification activities related to data compromises or other privacy events. This role involves interpreting state and federal privacy requirements and contributing to process improvements to mature the organization's privacy risk posture.

Responsibilities

• Review relevant state and federal privacy and breach-notification requirements to determine notification obligations for individuals, regulators, and other required parties
• Support the review and assessment of privacy events, including potential data compromises, unauthorized disclosures, or inappropriate access to personal information
• Assist in evaluating the severity, scope, and impact of privacy events, including identifying data types involved and affected populations
• Assist with the preparation and delivery of required regulatory notifications, individual notices, and internal reporting
• Maintain complete and accurate documentation of privacy incidents, decisions, timelines, and actions taken
• Gather and validate incident-related information, including reports, logs, or business unit (BU) inputs
• Use light SQL or HQL queries to perform data discovery, validate impacted records, or determine event scope
• Partner with Cybersecurity, Legal, Compliance, corporate investigations, and stakeholder teams to support investigation activities and follow-up actions
• Contribute to continuous learning efforts, including recommending improvements to policies, procedures, or technologies that reduce privacy risk
• Support updates to privacy incident response procedures, runbooks, documentation, and escalation paths based on lessons learned
• Assist with tracking and reporting privacy incident metrics, trends, and risk indicators to leadership
• Participate in incident response exercises or simulations to strengthen readiness and response quality

Requirements

• 2+ years of experience working within an enterprise Information/Cyber Security setting, or equivalent experience
• Knowledge in information systems and ability to apply that knowledge in practice
• Experience participating in IT projects

Qualifications

• Bachelor’s degree or an equivalent combination of education and work experience.
• 2+ years of experience working within an enterprise Information/Cyber Security setting, or equivalent experience.

Nice to Have

• Banking or financial services experience.
• IAPP certifications (CIPP/US, CIPT, or CIPM)
• Experience with privacy incident response or breach‑notification processes
• Ability to interpret privacy regulations and apply statutory requirements
• Light experience with SQL or HQL for data validation and discovery
• Experience using incident tracking systems or workflow management tools
• Experience enterprise process improvement activities

Skills

* Required skills

Benefits