GRC Data Protection Analyst (Unpaid Volunteer Position)

Location: Remote

Reports to: GRC Manager

Time commitment: minimum 20 hours weekly

Summary:

As we grow, the protection of our customers’ and clients’ data is paramount. We are looking for a skilled and proactive Governance, Risk, and Compliance (GRC) Analyst to help build and mature our data protection aspect. This role will ensure our products and business operations comply with global data privacy regulations and security best practices from launch onward.

Job Descriptions:

• Monitor and enforce compliance with global data protection regulations, including GDPR, CCPA, and other relevant privacy laws, across the events tech platform.
• Conduct data protection impact assessments (DPIAs) for new features and technologies. Maintain the company’s risk register, specifically identifying, assessing, and mitigating privacy-related risks.
• Develop, review, and maintain data protection policies, standards, and guidelines for the organization. Ensure policies are communicated and implemented across all relevant teams.
• Working comprehensively on data privacy challenges and requirements specific to the events technology sector, including attendee data collection, sponsor data sharing, and platform security.
• Maintain an inventory of data processing activities and analyze user data movement through the company as well as third parties systems.

Candidate Qualifications:

• A bachelor’s or master’s degree in a related field such as Information Technology, Computer Science, Law, or Business Administration
• Several years of hands-on experience in data protection, risk management, and compliance is often expected for experienced roles.
• Precision in handling data, documenting findings, and tracking compliance requirements is critical.
• Proven ability to analyze complex issues, identify trends, and develop effective solutions.