Privacy & Data Security Analyst Req ID: 5827
Position Type: Information Technology
JobOverview
At MoFo, we couldnt write our own success story without yours. Ready to write your story?Join MoFo as a
PRIVACY & DATA SECURITY ANALYSTon our Information Technology team!
This role can be based in San Francisco, Palo Alto, Los Angeles, or San Diego
https://www.mofo.com/officesABOUT THE ROLEThePrivacy & Data Security Analyst
, aligned with Information Security objectives and firm priorities, is responsible for executing and coordinating day-to-day privacy operations embedded within the Information Security function. This role enables consistent privacy-by-design by integrating privacy requirements into Security-by-Design workflows, vendor and system reviews, and InfoSec compliance and governance initiatives. The Analyst partners closely with the Data Governance Lead and GRC Lead and coordinates with Legal stakeholders for interpretation and approvals where required. The role also ensures client service and satisfaction are achieved across all areas of responsibility.
Privacy Intake, Triage, and Operational Execution- Operate the Firms privacy intake process, including monitoring mailboxes/queues, acknowledging requests, gathering required context, and routing to appropriate reviewers.
- Track requests through completion with clear ownership, timelines, and closure documentation.
- Maintain organized records of requests, decisions, approvals, and supporting evidence for audit and client readiness.
- Escalate novel or high-risk matters to InfoSec and Legal using defined triggers.
- Coordinate workflow artifacts (DSARs, PIAs, DPIAs, TIAs), ensuring inputs, documentation, approvals, and follow-ups are completed.
Embedded Privacy-by-Design within Security-by-Design- Support privacy-by-design within Security-by-Design reviews by gathering key inputs (data categories, purpose, retention, sharing, access).
- Prepare decision-ready summaries outlining processing context, risk considerations, and required approvals.
- Promote repeatable standards and playbooks to improve consistency and efficiency.
Third Party and System Review Support (Data Minimization Focus)- Coordinate privacy components of vendor onboarding and system changes, emphasizing data minimization, appropriate use, retention, and sharing constraints.
- Partner with Procurement and business stakeholders to gather inputs and document outcomes.
- Maintain review artifacts and track remediation actions to closure.
- Route matters to Legal for review/approval when required.
Data Inventories, Records, and Evidence Management- Conduct structured data inventory activities using standardized templates.
- Maintain accurate, defensible processing records as systems, vendors, and processes evolve.
- Coordinate documentation and evidence for privacy assessments (including DPIAs).
- Support audits and client inquiries by organizing and presenting privacy documentation.
Notices, Disclosures, and Internal Guidance Workflow Support- Coordinate updates to privacy notices and disclosures, including stakeholder input, version control, and Legal review.
- Maintain repositories of approved language, rationale, and change history.
- Support maintenance of internal privacy guidance (FAQs, templates, standards).
Privacy Awareness Training Support (InfoSec-Owned Program)- Coordinate privacy-related inputs for the InfoSec training program (topics, audiences, review requirements).
- Track training completion and coverage metrics; prepare summary reporting for leadership.
- Coordinate Legal review of training content as needed.
Privacy-Related Incident Support (Documentation and Routing)- Support documentation and routing of privacy-related incidents in coordination with InfoSec.
- Ensure appropriate escalation, tracking, and record retention.
- Maintain incident documentation for audit and regulatory readiness.
ABOUT YOU- Bachelors degree required.
- 35 years of experience in privacy, compliance, governance/risk support, InfoSec/GRC coordination, or a similar operational role.
- Experience managing structured workflows (intake, triage, documentation tracking, and closure) across multiple stakeholders.
- Strong organizational, documentation, and follow-through skills; able to manage multiple parallel requests and deliverables across stakeholders.
- Clear, concise written communication, including summaries, decision logs, and audit/client-ready documentation.
- Sound judgment with appropriate escalation of risks or uncertainties; high discretion in handling sensitive information.
- Ability to collaborate effectively with business, procurement, security, and compliance teams.
- Proficiency in Microsoft 365 (Outlook, Teams, SharePoint, Excel) and familiarity with task/ticket tracking and evidence management tools.
- Working knowledge of privacy-by-design principles (data minimization, appropriate use, retention, transparency, and sharing constraints).
- Experience supporting vendor onboarding, system/security reviews, procurement/TPRM processes, and data inventories/ROPA-style records.
- Experience with training administration and completion reporting, preferably within professional services or regulated environments.
- Privacy and/or Information Security certifications are a plus.
ABOUT MOFOAt MoFo, we collaborate as one firm, across borders, practice areas, and business functions and value fresh ideas and innovation over conformity and competition.
ABOUT OUR BENEFITSMoFo offers a comprehensive benefits package starting on your first day.
- A variety of options for medical, dental, vision, life and disability coverage to meet the needs of you and your family.
- Industry-leading parental leave and family benefits including adoption and fertility treatment options and backup child and elder care.
- Global wellness program, including free access to Talkspace and Calm apps.
- Annual community service day to make an impact on your community and a birthday holiday just for fun.
- Education reimbursement annually.
- Dedicated Talent Development team.
- Competitive annual profit-sharing contribution.
Where required by law, salary ranges are stated below. Additional compensation may include a discretionary bonus, overtime as applicable, health/welfare benefits, retirement contributions, paid holidays, and PTO. The range displayed is specifically for positions performed in those cities/states and may vary based on factors including but not limited to the following: local market data and ranges; an applicant's skills and prior relevant experience; and certain degrees, licensing, and certifications.
San Francisco, Palo Alto salary range: $164k to $229k
Los Angeles, San Diego salary range: $156k to $218k
For questions regarding this position, please e-mail
jobs@mofo.com Morrison & Foerster is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, religion, creed, ethnic or national origin, ancestry, age, disability, veteran or military status, marital status, pregnancy, sexual orientation, gender identity, domestic partner status, and other categories protected by applicable laws, or in retaliation for opposition to any practices forbidden under this policy.
Equal employment opportunity, including veterans and individuals with disabilities.
PI282307641
