1 hour 41 minutes
Hey, everyone, welcome back to the course in this video. We're going to talk about the privacy analyst job role,
so we're gonna talk about what a privacy analyst is. We'll talk about some of the common job responsibilities you can expect to do as a privacy analyst. We'll also talk about some of the common skills that you're gonna wanna have to be successful in the role. We'll talk about some common industry certifications for privacy analyst, and we'll also talk about the general salary range
as a privacy analyst.
One thing I just want to mention, though, is that this might be a good entry level career. So if you're out there looking for an entry level type of roll around cybersecurity, this is a good path. Or this may be a good path for you simply because you can usually get some
certifications, get your foot in the door doing some auditing type work
and then from there, evolve your career into more number one higher pay and number two more opportunities. So this is one of those jobs where you don't necessarily have toe have ah, lot of technical skills to get in your foot in the door.
Also, there's a lot of different job names for this particular job, right? So we were calling a privacy analyst, which is what you come on, let's see out there. But there's a lot of different job titles for this in a similar fashion to the cybersecurity manager type of role. So, for example, you might see privacy analyst. You might see a called data privacy engineer, a data privacy architect. You might see data privacy of specialist.
You might be, uh, see things like platform privacy specialist
privacy, compliance specialists,
privacy compliance, analyst or advisor. You might see it called Privacy and
Risk Engineer. So a lot of different job titles you might see out there. But for our purposes in this video, we're just going to stick with privacy analyst.
So what is a privacy analyst? What do they actually do?
Well, these air individuals that focus really on assessing the business policies, procedures and even operations to ensure that the organ organizations actually meeting any privacy requirements that they have, making sure that the compliant with regulations
or industry standards or laws that they have to follow
to basically protect that critical information.
So what are some of the common things that they do
well, of course, I just mentioned right. They assess different policies and procedures of the organization to make sure they're actually becoming being compliant.
They also do things like helping managed illegal or operational risk
related to that. Those that critical information asset or assets
they are always assessing. So continuously assessing the business unit operations, they're doing things like researching and analyzing sensitive data. So performing that analysis of sensitive data and figuring out
what do we have to do with this? What laws we have to follow? Are we actually compliant for this particular data that we have to be responsible for?
Also training so
developing policies and procedures and then training the organization on those policies and procedures? And that doesn't mean you have to in person train all the time. You might create video training for the company or different types of assessments for the company. You might perform some exercises to make sure that the organization understands the training,
what you're doing and that we're actually improving over time and continuing Thio iterate the processes that we're developing,
some of the common skills that you're gonna wanna have as a privacy Analysts are gonna be things like critical thinking skills.
So being able to analyze things and say, Well, what doesn't fit or what are we not doing here? And how can we correct those issues?
Having a good knowledge of privacy related laws or regulations,
industry standards, even just understanding, like, what should we be doing and making sure that you're actually the organization's actually doing that
Understanding data lifecycle management. So how are we getting the data? How are we storing the data? What actually happens to that data, like from A to Z? What happens with that data? What's the life cycle off that data? How do we protect it at each stage of that life cycle,
researching big component here researching what regulations do we have to be compliant with when new laws come out like things like the California Consumer Privacy Act and the new one? They have out that my mind right now. But when those different laws come out, making sure we research and figure out, does it apply to us?
Does it apply to us as an organization
communication skills? So there's no sense in doing all this research and creating all these policies and procedures if we can't effectively communicate that to other stakeholders.
Right. So we have to communicate that the stakeholders and then other business units
out there to make sure that
we're actually implementing these things and helping protect the organization and our data. Ah, lot better
and being able to perform that gap analysis. So what are we missing,
right? What are we missing here?
As we do the research and we see what we have to do, we then need to research our policies and procedures and identify. Okay, Well, what do we have in place now and then? What's missing? What's missing from all that? So that's another key skill that you wanna have.
So what are some of the common search out there that a privacy analyst might get? Well, C i PP, which is the stands for the certified information privacy professional. Now they have. This is a very common sort these days to get a little on the expensive side. For most people, the exam costs, I think, is $575.
At the time of this, filming is somewhere around there in the 5 to $600 range
and that will allow you to get this certification. Now you can take it for different
areas of the world. So, for example, there's a C I PP us for covering mawr. The U. S. Laws and regulations.
There's a C I PP for the European European area for the Asian market.
So there's a lot of different ones out there that you can get, but C I PP is a common one that a lot of people are getting.
Also GRC professional. So one thing I actually like about this one without giving any search and endorsement One thing I like is there is a flat fee and it also includes the training for that search. So that's another one I've been seeing. A lot of people get an industry, and a newer one is a C. D. P S E
or the Certified Data Privacy Solutions Engineer. This is a newer, newer one from Osaka.
Let's come out. So it may be another one that,
as it evolves mawr and gets a little more attraction in the industry that you might want to check out and then, of course, is a as well for auditing, so that might be another one that you may want to explore as well.
What are the general salary ranges for? Privacy analyst? Well,
here in the US, generally speaking, 60 to about 95,000 orm Or if you've got some technical background, If you've got some experience, you're probably easily looking over six figures and probably more likely, like someone with my background experience if I wanted to. Privacy domain. Probably looking at more of the 1 20 plus range here in the US
for salaries 120,000 plus. But for entry level privacy analyst, you're looking at 60,000, maybe 50 to 60,000 range for an entry level. Privacy analysts in most of the U. S. Market and the U. K you're looking at around 50 to £71,000 and again, these are just some some ballpark figures and then in India,
700,000 to about 900,000 orm or rupees
as the average salary again, keeping in mind that there's a lot of this depends on the area that you live in.
Quick quiz question here for you. Task that of privacy analyst Might might do include What's the following? Is it training? Is it legal risk management or is a data agreements?
Well, the answer is actually all the above right, so you may perform that training you might
do. You might do research around data agreements or review data agreements. You also might do that legal risk management
for the organization.
So in this video, we just talked about what a privacy analyst IQ is again. This is a good
entry level rolls. If you're like I'm not technical, it all type of thing. If you're thinking that in your head, this is a good role that you might want to explore as an entry level in cyber security without having to get your hands on a keyboard to do this stuff from a technical standpoint. Now this is a really good role. If you're really into, like analyzing puzzles or
just looking at data, if you're really into like those crime shows and your
you always, you kind of always configure out like who actually did it. This might be a very, very good role for you, toe Look at if you're good at looking at if you got like a background in accounting for example, this is a good role for you, so
definitely explore this particular role, especially if your entry level and looking for the good fit without a whole lot of technical experience.
We talked about common skills that you might need. A lot of them are kind of generalized skills. But again, more about that critical thinking right, being able to analyze that data to figure out what doesn't fit or what are we missing, right performing that gap analysis as well as understanding the different regulations, industry standards and laws we have to be complying with for the organization.
We also talked about some of the common search against the I. P. P is pretty common these days, as well as the GRC professional certification
and CISA as well as
the other certification. The CDP S E is getting a little more traction in the industry,
and then we also talked about the general salary range as well