Job Description:
The Privacy Analyst plays a key role in safeguarding the organization’s data assets, ensuring compliance with privacy laws, and supporting the development of privacy‑first business practices. This role blends analytical thinking, regulatory awareness, and cross‑functional collaboration to help the company manage risk and maintain trust with customers, employees, and partners.
The ideal candidate is detail‑oriented, comfortable interpreting complex regulations, and skilled at translating privacy requirements into practical operational guidance.
What You'll Be Doing:
Privacy Compliance & Governance
Monitor and interpret global privacy regulations (e.g., GDPR, CCPA/CPRA, HIPAA, GLBA) and assess their impact on business operations.
Support the development, implementation, and maintenance of global privacy policies, standards, and procedures.
Conduct privacy impact assessments (PIAs), data protection impact assessments (DPIAs) and gap assessments.
Partner with business and privacy leaders to develop and maintain records of processing activities (RoPA) and data mapping initiatives.
Manage data privacy certifications.
Review data privacy contractual provisions.
Risk Management & Incident Support
Identify privacy risks and recommend mitigation strategies.
Support incident response activities, including documentation, triage, and coordination with security teams.
Participate in or prepare responses to vendor privacy questionnaires, reviews and third‑party risk assessments.
Provide support for data privacy and cybersecurity audits
Data Handling & Operational Support
Administer data privacy technology platform
Partner with product, engineering, HR, legal, and security teams to embed privacy‑by‑design principles.
Review new projects, tools, and processes for privacy implications.
Assist with data subject access rights request (DSR/DSAR) workflows, including access, deletion, and correction requests.
Assist with Arrow's information governance, including record retention schedule
Training & Awareness
Contribute to privacy training materials and awareness programs.
Provide guidance to internal teams on privacy best practices and regulatory obligations.
Assist with data privacy and technology initiatives.
What We Are Looking For:
Paralegal Certificate or Bachelor’s degree in Information Privacy, Cybersecurity, Law, Business, or related field (or equivalent experience).
At least 2–4 years of relevant experience in privacy, compliance, risk management, or data governance.
Familiarity with major privacy regulations and frameworks.
Experience drafting contracts, policies, and providing support for business operations
Technology Proficiency: Familiarity with compliance management software and tools. Understanding how technology can automate compliance processes, track compliance metrics, and facilitate reporting.
Strong analytical, communication, and documentation skills.
Certifications such as CIPP/US, CIPP/E, CIPM, or CIPT are a plus.
Work Arrangement:
Hybrid: 3 days in office/2 days work from home
What’s In It For You :
At Arrow, we recognize that financial rewards and great benefits are important aspects of an ideal job. That’s why we offer competitive financial compensation, including various compensation plans and a solid benefits package.
Medical, Dental, Vision Insurance
401k, With Matching Contributions
Short-Term/Long-Term Disability Insurance
Health Savings Account (HSA)/Health Reimbursement Account (HRA) Options
Paid Time Off (including sick, holiday, vacation, etc.)
Tuition Reimbursement
Growth Opportunities
And more!
Annual Hiring Range/Hourly Rate:$72,800.00 - $84,700.00Actual compensation offer to candidate may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level. The pay ratio between base pay and target incentive (if applicable) will be finalized at offer.
Location:US-GA-Alpharetta, Georgia (Sanct)
Time Type:Full time
Job Category:LegalEEO Statement:
Arrow is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, gender, age, sexual orientation, gender identity, national origin, veteran or disability status. (Arrow EEO/AAP policy)
We anticipate this requisition will be open for a minimum of five days, though it may be open for a longer period of time. We encourage your prompt application.
In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.