Data Governance & Privacy Analyst

Get to Know Us:
It's fun to work in a company where people truly believe in what they're doing!
At BlackLine, we're committed to bringing passion and customer focus to the business of enterprise applications.
Since being founded in 2001, BlackLine has become a leading provider of cloud software that automates and controls the entire financial close process. Our vision is to modernize the finance and accounting function to enable greater operational effectiveness and agility, and we are committed to delivering innovative solutions and services to empower accounting and finance leaders around the world to achieve Modern Finance.
Being a best-in-class SaaS Company, we understand that bringing in new ideas and innovative technology is mission critical. At BlackLine we are always working with new, cutting edge technology that encourages our teams to learn something new and expand their creativity and technical skillset that will accelerate their careers.
Work, Play and Grow at BlackLine!
Make Your Mark:
Responsible for assisting in the continued development, implementation, and maturation of an Enterprise Data Governance & Privacy Program from end to end in a continuous improvement, growth, SaaS environment.
Support Information Security, Governance, Risk Management, and Compliance workflows, validate adherence to information security standards, and support audit and regulatory compliance projects.
The GRC analyst, Data Governance & Privacy pairs a strong analytical mindset with exceptional business acumen, effective communication skills, and operational excellence to drive progress and results on internal governance initiatives to support security, privacy, compliance, and technical requirements companywide.
You'll Get To:

• Assist GRC Management in developing and deploying data and privacy compliance processes and systems across technical and non-technical teams
• Support the development, delivery and maintenance of ISO 41000 and supporting processes
• Perform the review and approval of AI data processing requests
• Operationalize data and privacy governance by managing the rollout of data stewardship efforts to applicable business units
• Assist in the development of meaningful data handling policies, standards, and guidelines
• Facilitate data governance and privacy reviews at scale to drive adoption of data management best practices
• Develop and maintain documentation of data governance and privacy reviews, including policies, data flow diagrams, assessment results and recommendations, and inventories of data, systems, and activities
• Develop, refine, and report on key metrics related to data governance and privacy operations to support compliance at scale
• Perform analysis and provide recommendations across the spectrum of the data governance framework, including Data Architecture, Data Modeling and Design, Data Storage and Operations, Data Security, Data Integration and Interoperability, Documents and Content, Reference and Master Data, Data Warehousing and Business Intelligence, Metadata, and Data Quality.
• Provide Support with operating IT Risk Assessment, Vendor due diligence, privacy assessments and Risk Management programs.
• Provide operational support to GRC department in other tasks, initiatives, audits and projects, as needed
• Collect and maintain evidence of compliance with information security policies, data governance and regulatory requirements (i.e., GDPR, CCPA, HIPAA).
• Review and update information security, data governance policies and privacy procedures, standards, and other InfoSec documentation.

What You'll Bring:
Years of Experience in Related Field: 3+
2+ years of data quality, privacy, or similar data analysis experience required
Education: Bachelor's degree in related field (Technology or Business-related)
Technical/Specialized Knowledge, Skills, and Abilities:

• Understanding of technical aspects of information security.
• Working knowledge of common IT technologies and processes.
• Understanding of common Information Security and Information Technology frameworks and standards, such as, COBIT, CSA, NIST 800-53, SOC 1, SOC 2 and ISO 27001.
• Strong understanding of privacy concepts, regulations and Privacy information Management frameworks PII, PHI, financial data regulations, data residency requirements, and international regulatory aspects pertaining to sensitive information (i.e., GDPR, CCPA, HIPAA, DPA, ISO 27018, ISO 27701)
• Thorough understanding of Information Security Governance, Risk Management, Compliance, and Audit Management concepts and processes
• Strong understanding of databases and data structures
• Ability to transform abstract regulatory requirements into cohesive compliance actions.
• Effective communication and organizational skills including ability to present technical subjects to non-technical audiences., multitasking, time management and attention to detail.
• Ability to collaborate in a team setting and facilitate conversations involving cross-functional groups.
• Strong working knowledge of Jira, Confluence, SharePoint, Visio, Microsoft office suite; presentation and report development skills, including an ability to prepare and interpret flowcharts, schedules and step-by-step action plans.

We're Even More Excited If You Have:

• Certifications highly desired (CISA, CIA, CISM, CISSP, CIPM CRISC, ISO Lead Auditor)
• Prior Audit Management or Regulatory Compliance experience a plus
• Understanding of technical Information Security concepts a plus
• Data analytics and reporting experience preferred
• SaaS industry experience a plus

Thrive at BlackLine Because You Are Joining:

• A technology-based company with a sense of adventure and a vision for the future. Every door at BlackLine is open. Just bring your brains, your problem-solving skills, and be part of a winning team at the world's most trusted name in Finance Automation!
• A culture that is kind, open, and accepting. It's a place where people can embrace what makes them unique, and the mix of cultural backgrounds and varying interests cultivates diverse thought and perspectives.
• A culture where BlackLiner's continued growth and learning is empowered. BlackLine offers a wide variety of professional development seminars and inclusive affinity groups to celebrate and support our diversity.

BlackLine is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity or expression, race, ethnicity, age, religious creed, national origin, physical or mental disability, ancestry, color, marital status, sexual orientation, military or veteran status, status as a victim of domestic violence, sexual assault or stalking, medical condition, genetic information, or any other protected class or category recognized by applicable equal employment opportunity or other similar laws.
BlackLine recognizes that the ways we work and the workplace itself has shifted. We innovate in a workplace that optimizes a combination of virtual and in-person interactions to maximize collaboration and nurture our culture. Candidates who live within a reasonable commute to one of our offices will work in the office at least 2 days a week.