GRC and Privacy Analyst
Full Time • Hybrid - US
Benefits:
- 401(k) matching
- Dental insurance
- Employee discounts
- Health insurance
- Paid time off
- Parental leave
- Vision insurance
- Wellness resources
Who is Propelled Brands
Propelled Brands is the multi-brand platform company under which service industry franchise brands operate and grow. Our family of brands currently includes FASTSIGNS®, NerdsToGo®, and MY SALON Suite® all of which have found tremendous success in their respective industries.
Why Propelled Brands
Propelled Brands is the multi-brand platform company under which service industry franchise brands operate and grow. Our family of brands currently includes FASTSIGNS®, NerdsToGo®, and MY SALON Suite® all of which have found tremendous success in their respective industries.
Why Propelled Brands
We are a growing company that offers a collaborative, caring, and progressive work environment. We provide the tools and training needed to be successful. We have fun, but work hard to support each other and our growing number of franchisees. Come grow with us!
What We Offer
Our robust Total Rewards package includes:
- Competitive Pay
- Insurance - Medical, HRA, FSA, Dental, Vision, Life, Disability, Pet Insurance
- Retirement Savings - 401k plan with company match up to 6%
- Generous Paid Time Off - Paid parental leave, volunteer time, holidays and PTO starting at 3 weeks
- Engagement and Wellness Programs
- And much more!
About the Position
We are seeking a skilled and detail-oriented GRC (Governance, Risk, and Compliance) and Privacy Analyst to join our team. The ideal candidate will focus on data privacy compliance and cybersecurity regulations, supporting our organization in maintaining compliance with relevant standards and frameworks. The GRC Analyst will manage our GRC platform, TrustArc, and oversee components including Cookie Consent, Individual Rights Management, Data Mapping, and conduct assessments against frameworks such as NIST, GDPR, and CCPA.
We are seeking a skilled and detail-oriented GRC (Governance, Risk, and Compliance) and Privacy Analyst to join our team. The ideal candidate will focus on data privacy compliance and cybersecurity regulations, supporting our organization in maintaining compliance with relevant standards and frameworks. The GRC Analyst will manage our GRC platform, TrustArc, and oversee components including Cookie Consent, Individual Rights Management, Data Mapping, and conduct assessments against frameworks such as NIST, GDPR, and CCPA.
Essential Functions
-
Data Privacy Compliance:
- Ensure ongoing compliance with global privacy laws and data protection regulations including GDPR, CCPA, TCPA (TCR) and others as applicable.
- Oversee Cookie Consent management, ensuring compliance with regulations and maintaining updated consent records.
- Manage Individual Rights Management processes, including responding to data subject access requests and ensuring the organization's procedures support variable jurisdictional requirements.
- Ensure website forms terms of use and privacy notices are reviewed and updated annually or as necessary.
-
GRC Platform Administration:
- Administer and maintain the GRC platform (TrustArc or equivalent) to support data privacy and cybersecurity compliance.
- Ensure accurate and timely configuration of the platform, including Data Mapping to track data flows and assets across the organization.
- Conduct regular assessments and audits to ensure compliance with regulatory frameworks.
- Develop and update documentation, policies, and procedures to support compliance activities and audit requirements.
-
Cybersecurity Compliance:
- Assist with cybersecurity policy development and implementation, ensuring alignment with frameworks such as NIST.
- Collaborate with the IT security team to identify and mitigate cybersecurity risks, ensuring compliance with established security standards.
- Manages and coordinates the organization's Cyber Incident Response Team (CIRT) to detect, analyze, contain, and recover from cyber security incidents.
- Assess and recommend Cyber tools and solutions to leadership.
-
Assessment and Reporting:
- Conduct gap analyses against regulatory requirements and prepare action plans to address deficiencies.
- Prepare reports for management and stakeholders, communicating compliance status and recommending improvements.
- Support audits by providing evidence and documentation to demonstrate compliance with applicable regulations.
Education and Experience
- Bachelor’s degree in Information Technology, Information Security, Business Administration, Legal Studies, or a related field.
- At least 2-3 years of experience in GRC, data privacy, information security, or related roles.
- Thorough understanding of privacy laws and regulations, such as GDPR and CCPA.
- Knowledge of cybersecurity frameworks and standards such as NIST.
- Experience with GRC platforms, such as TrustArc, including platform configuration and management.
- Strong analytical, organizational, and problem-solving skills.
- Excellent written and verbal communication skills.
- Ability to work effectively both independently and as part of a team.
- Relevant certifications such as CIPP, CIPM, CISSP, or CISM preferred.
Supervisory Responsibility
This position does not have any supervisory responsibilities.
Work Environment
This job operates in a professional office environment. This role routinely uses standard office equipment such as computers,smartphones, video conferencing, webinars, phones, photocopiers, printers, filing cabinets, shredding and fax machines.
Physical Demands
The physical demands described here are representative of those that must be met by a Team Member to successfully perform the essential functions of this job. While performing the duties of this job, the Team Member is regularly required to walk, talk, see and hear. And lift up to 20 pounds.
Position Type/Expected Hours of Work
This is a full-time, non-exempt position of at least 40 hours a week, Monday through Friday, between the hours of 7:00 a.m. to 6:00 p.m. Occasional evening and weekend work may be required as job duties demand.
Travel
Travel is primarily during business days, out-of-the-area and overnight travel is expected based on individual job responsibilities. Some of the travel may occur on weekends or be international. Company events may include Summits and the Annual Conventions may also include travel. Travel is expected to be less than 10%.
EEO Statement
Propelled Brands. provides equal employment opportunities (EEO) to all Team Members and applicants for employment without regard to race, color, religion, sex, national origin, age,
disability or genetics. In addition to federal law requirements, Propelled Brands complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Flexible work from home options available.
Compensation: $90,000.00 per year
We are Propelled Brands™.
Our family of brands includes FASTSIGNS®, MY SALON Suite®, Camp Bow Wow®, and NerdsToGo®, all of which have found tremendous success in their respective industries.
- FASTSIGNS® is the leader in the $29 Billion sign industry.
- MY SALON Suite® is a principal leader in the rapidly growing salons and beauty services sector and are on the way to becoming one of the nation’s largest salon suite franchisors.
- Camp Bow Wow® is a leading franchise brand in the rapidly growing pet care industry with over 200 franchise locations in 40 states and Canada.
- NerdsToGo® is a growing franchise organization in the IT services business.
With our resources, guidance, and support, they are all poised for even brighter futures after joining Propelled Brands.
Propelled Brands values diversity and inclusion because it brings richness and strength to our business. We envision diversity as encompassing an individual’s unique characteristics and experiences, including not only race, gender, ethnicity, age, religion, disability, national origin, and sexual orientation, but also personality, gender expression, military status, mental health, educational and career backgrounds, and other life experiences. We know that supporting and building diversity is the right thing to do for our employees, our franchisees, our franchisees’ teams, and our stakeholders.
(if you already have a resume on Indeed)
Or apply here.
Medical Insurance
Multiple choices, prescription coverage, HRA, FSA
Retirement Savings
401k with company match up to 6%
Paid Time Off
Holidays, Personal Days, Volunteer Days, Paid Parental Leave, PTO
Voluntary Benefits
Vision, Dental, and Pet Insurance Options
Disability and Life Insurance
Company paid Life Insurance and Long Term Disability. Short Term Disability and Supplemental Life insurance options available
Engagement Activities
Team Week, Departmental Events, Holiday Fun Events, Annual Engagement Survey with action items
Discount Programs
Discounts on movie tickets, hotels, cruises, concerts, and so much more
Wellness Activities
Physical, Mental, Social, Financial, Developmental activities