Senior Privacy and Security Analyst

Rightway Healthcare is seeking a detail-oriented and driven Privacy & Security Analyst to work closely with the Head of Security, Security GRC Manager, and Privacy Officer. This role will focus on strengthening our privacy and security assurance capabilities at scale. Rightway seeks a candidate who is experienced in privacy within regulated, high-growth environments and is eager to further develop their security governance, risk, and compliance (GRC) expertise. Main responsibilities include contributing to the design and execution of the company’s privacy roadmap, managing data subject access requests (DSARs) and privacy-related inquiries, supporting privacy impact assessments (PIAs) and data protection impact assessments (DPIAs), assisting with internal and external audits, and conducting vendor risk assessments. The analyst will also collaborate with the Security GRC Manager to respond to customer privacy and security RFPs and partner with legal on language of BAAs and Data Protection Agreements. The ideal candidate will have a minimum of 3 years in a heavily Privacy oriented role in a regulated environment, maintain a Certified Information Privacy Professional (CIPP) or similar certification, and be familiar with security/privacy compliance frameworks and regulation (e.g., SOC 2, ISO 27001, NIST, HIPAA, HITRUST NY DFS).