Catalina’s personalized digital media connects shoppers to the brands we know they want. We do this by delivering only the most relevant ads and offers from their home to the aisle.
And only Catalina knows the evolving purchase history and individual needs of more than three-quarters of (280 million) American shoppers.
With the world’s largest shopper purchase history database driving all personalized media across our networks, Catalina drives lift and loyalty for the world’s leading CPG brands and retailers.
We target consumers with the right behavior-based message when it’s most impactful via the channel that’s most likely to reach them digital or in the store.
The Global Governance, Security and Privacy (G-GSAP) team is responsible for developing, implementing, and administering Catalina’s global data governance security and privacy compliance program.
With security, risk and privacy concerns so prevalent, Catalina’s GSAP organization’s mission is to protect Catalina’s brand by identifying and reducing risk across the enterprise to improve levels of privacy, cybersecurity, and resilience.
GSAP will identify risks, recommend solutions, and handle investigations, breaches, and incidents to ensure Catalina has a trusted and private environment that provides Catalina and Catalina clients the freedom to innovate, grow, pursue strategic goals, and to do business anywhere and anytime.
This position with report to the Director / Mgr of Privacy
Successful candidate will join a of team of highly qualified individuals who collaborate and support each other. Candidate will have the opportunity to grow their knowledge not only in privacy but also security.
Example provided in sample job attached
Handles Data Subject Rights (DSR) requests; receives, inputs and tracks completion and compliance within designated timelines.
Inputs, updates, and continually tracks and improves Catalina’s data mapping function in OneTrust
Learn an assist with the administration of OneTrust to ensure the tool is continually improved and utilized fully
Supports the Data provider due diligence process
Supports the Third Party Assurance program.
Support the Client Assurance program.
Support the completion of DPIA’s as required; work with business teams to provide appropriate feedback
Stay up-to-date on GDPR, APPI, CCPA, and other relevant privacy regulations.
Through analysis, deliver guidance to ensure consumer experiences and internal data collection are consistent with Catalina’s privacy principles as well as applicable laws.
Encourage privacy best practices through consistent analysis, feedback, and follow-through with teams.
Periodically supports the review Catalina’s information systems to monitor for privacy compliance
Works with other members of the GSAP team to ensure alignment between security and privacy compliance programs including policies, practices, investigations, and acts as a liaison to the information systems department.
Assists with the development, implementation, and delivery of privacy training to Catalina employees
Participates in breach preparedness training and readiness tests and supports the investigation of any potential breach incidents, including remediation.
Support business initiatives regarding digitalization and mobility by ensuring proper privacy measures are implemented in the business solutions and related commercial contract terms
Liaise with other team members and with the Legal department to develop / maintain subject matter expertise, contribute to team knowledge, and maintain consistency with our business partners.
Continue education and development to stay current regarding privacy regulations and best practices.
Engage with trade organizations and other resources to develop a holistic understanding of privacy environment and challenges across the industries
WHAT YOU BRING TO THE TEAM
Bachelor’s Degree in any field, and 3 years professional experience.
An IAPP Certification completed within 18 months of hire
2 years of privacy experience or 6 years of compliance
Knowledge of GDPR, APPI, CCPA, and other privacy regulations
Basic understanding of security controls
Experience working with disparate teams.
Strong ability to communicate the importance of privacy by design as a business differentiator and core value, beyond legal compliance.
Must be able to effectively communicate complex issue in English
ADDITIONAL PREFERRED SKILLS
Master’s degree or JD
Security certification such as CISSP
Already hold a IAPP certification
Experience with compliance
Ability to speak and / or read a third language such as French, German, Japanese, Italian