Consultant - Privacy Engineer

ABOUT KALLES GROUP:

Everyone deserves to be secure. Our mission at Kalles Group is to help secure the future for companies of all shapes and sizes.

While our expertise spans multiple disciplines, our method remains consistent: building trust and relationship with people -- whether you are a client, a consultant, or--in this case--a candidate.

No matter what role you come from--whether you're an executive or just starting your career-you can expect our highest level of attention and respect. We want to find the right fit for each role, but we also want you to find the right fit for your career.

We believe the best way to show you what our team is like is to treat you like you're already a part of it. We hope you'll consider joining our team of experienced professionals who are building their careers at Kalles Group—and having fun while doing it.

WHAT YOU WILL DO:

As a Privacy Engineer, you will be a key member of the IT Information Security and Compliance team, driving privacy initiatives and ensuring compliance with U.S. state and international privacy laws. You  will design and implement an Integrated Controls framework, manage compliance reporting, and collaborate with global stakeholders to build and maintain a robust privacy program. This role requires a blend of technical expertise, strategic thinking, and exceptional people management skills to balance business needs with privacy risks.

We anticipate this role being up to 40 hours/week. We are open to C2C.

You will focus on:

Privacy Framework and Compliance Management:

• Act as a subject matter expert for governance and compliance frameworks within IT privacy GRC (Governance, Risk, and Compliance).
• Define and implement a risk-based approach to identify, monitor, measure, and report privacy risks and compliance issues.
• Research and evaluate new compliance requirements, incorporating them into privacy policies, standards, and procedures.
• Promote a culture of compliance, risk mitigation, and corporate accountability across the organization.
• Develop corrective action plans for data compliance issues and ensure successful remediation.

 Collaboration and Stakeholder Engagement:

• Partner with Information Security, Business, Legal, and other stakeholders to align privacy goals with organizational objectives.
• Manage relationships with internal and external auditors/assessors.
• Provide governance for identifying, validating, and remediating information technology controls required by regulations such as PII, HIPAA, and California Privacy Law.
• Participate in strategic planning for compliance initiatives across business units and enterprise control functions.

Privacy Assessment and Risk Evaluation:

• Conduct privacy and risk assessments of internal business units and external vendors/service providers.
• Evaluate and prioritize privacy and compliance risks, recommending appropriate mitigating controls.
• Analyze compliance readiness findings, identify ownership, and lead remediation planning and validation.

Reporting and Communication:

• Design, collate, review, and distribute reports on the privacy framework, ensuring alignment with regulatory objectives.
• Work with global business units to develop and communicate policies, procedures, and plans for privacy and risk management best practices.
• Submit audit and compliance reports to governing bodies, legal entities, and external authorities.

ABOUT YOU: 

• Your values:
  • Integrity: You believe in doing the right thing, even when it's uncomfortable, seemingly inefficient, or costly.
  • Purposefulness: You have a desire to serve others with your skillset and an openness to continuous learning and growth.
  • Ownership: You stick to your commitments, follow up with action, and seek clarity in communication & expectations.

Preferred experience:

• Experience developing and executing global privacy compliance programs.
• Strong understanding of risk management, data compliance, and privacy strategies.
• Proven leadership skills and ability to work effectively at the executive level.
• Solid knowledge of IT systems, applications, networks, and databases.
• Experience developing and submitting audit and compliance reports to governing bodies.
• Expertise in assessing and designing internal controls in an enterprise-level environment.
• Direct experience with applicable local and federal IT laws and privacy controls (e.g., access management, encryption, vulnerability management).
• Strong knowledge of privacy governance programs and risk management practices.
• Excellent written and oral communication skills.

Preferred certifications:

• At least one of the following:
  • CIPP (Certified Information Privacy Professional).
  • CIPT (Certified Information Privacy Technologist).
  • CISSP (Certified Information Systems Security Professional).
  • CISA (Certified Information Systems Auditor).
  • CISM (Certified Information Security Manager).

Additional qualifications:

• Architectural-level experience in information privacy, data compliance, and risk management.
• Proven experience managing teams and collaborating with global stakeholders.
• Experience developing and implementing IT policies, procedures, and best practices.
• Creative problem-solving skills for remediating compliance issues effectively.

WHAT WE OFFER:

• Competitive compensation with opportunities for additional incentives. The salary for this role is $115-130K/year
• Work/life balance – we know there’s more to life than work! We encourage our team to pursue other passions, get outside, and spend time with family. We work with clients and consultants to set expectations for a manageable workload.
• Opportunities to connect in person and remotely with a passionate, supportive team.

LOCATION:

This role is based in the Greater Seattle area, with regular, on-site work in Issaquah, WA.

HOW TO APPLY:

Please fill out the form below (including uploading your most recent resume) and we'll be in touch! We know imposter syndrome can be a barrier to many great applicants. We hope you'll still consider applying. That's why we've made the application process as short and simple as possible.

Even if you're not a fit for the role, you can expect to hear back from us! We want you to have the best experience as a candidate, so please feel free to share feedback at any stage of the process to talent@kallesgroup.com.

Kalles Group is an equal-opportunity employer and does not discriminate on the basis of creed, nationality, race, ethnicity, disability, gender, or other protected class.