Consumers Energy Company Privacy Risk Analyst in Jackson, Michigan

Join a diverse and dynamic team that makes and delivers the most valuable services in the world: electricity and natural gas. At Consumers Energy, our customers are at the heart of everything we do. Our employees work around the clock to provide service to our customers in honor of our history and to fulfill our promise to Michigan - Count on Us! Consumers Energy, the principal subsidiary of CMS Energy and headquartered in Jackson, Michigan, provides natural gas and electricity to nearly 6.8 million of the Michigan's 10 million residents in all 68 Lower Peninsula counties.Department SummaryThe Security organization within the Information Technology (IT) department at Consumers Energy provides reliable and secure services to internal clients across multiple locations within the Consumers Energy enterprise.Information Security is comprised of Cyber Security (Operational Technology Security, Cyber Security Operations, and Cyber Security Engineering Design), Information Risk Management, and NERC/CIP Compliance. The overall Information Security team has a very strong focus on system confidentiality, integrity, availability, and compliance through the planning, engineering, and operations of highly secure solutions.Job Description/ResponsibilitiesThe Security Privacy Analyst is responsible for leading the operations of the Privacy Program within the Security Organization. This role includes supporting the Privacy Program adoption across business units, maintaining Privacy Program notices and policies in response to regulatory or organizational changes, engaging with Information Security on the implementation of controls for processes and systems that handle personal information, monitoring and reporting to leadership changes in legal and regulatory privacy requirements, maintaining privacy requirements, facilitating bi-annual program-level privacy risk assessments, communicating policies and procedures for effective implementation by the business, responding to privacy-related inquiries and incidents, and providing privacy subject matter support for the third party personal information sharing risk assessment processes.The Security Privacy Analyst must have an understanding of privacy regulations, compliance, and legal obligations in order to protect data within the organization. They must be self-sufficient, work well under minimal supervision, and be team-oriented with the ability to interface effectively and communicate with a broad range of people and roles, including senior leadership, vendors, IT, and business personnel. They must be willing to address challenging issues with a position and solution focused approach while demonstrating influential decision making process in cross-functional terms.Maintain and operate the Privacy Program•Lead the development and maintenance of Privacy Program elements such as notices, policies, guidelines, procedures, organizational models, trainings and awareness, regulatory notifications and approvals (where applicable), preparation of communications (where applicable), assessment, monitoring, and reporting•Support Privacy Program adoption across business units through stakeholder engagement•Monitors and report changes in global legal and regulatory privacy requirements to leadership•Maintain Privacy Program notices and policies in response to regulatory or organizational changes•Manage and prepare privacy metrics and reporting•Maintain an inventory of business and IT methods used for accessing or modifying personal information•Coordinate the inventory of personal information throughout the enterprise•Support Information Security with the development and implementation of information security controls for sys