Privacy Analyst II jobs in United States
cer-icon
Apply on Employer Site
company-logo

Allegiant · 1 day ago

Privacy Analyst II

positionLas Vegas, NV
timeFull-time
remoteOnsite
seniorityMid Level
money$102K/yr - $125K/yr
date4+ years exp

Allegiant is a national air carrier seeking a Privacy Analyst II to lead governance, risk, and compliance initiatives focused on privacy program management and data governance. The role involves ensuring adherence to regulatory requirements and collaborating across various teams to strengthen privacy practices and support responsible data handling.

AerospaceLeisureTransportation
check
Growth OpportunitiesbadNo H1Bnote

Responsibilities

Participate in all areas of IT Governance, Risk and Compliance
Perform risk assessments for IT including identifying the risks presented by technological and process changes as well as review of supporting processes/ procedures, etc. to ensure the proper controls are in place and risks are appropriately mitigated
Gather relevant business, regulatory, process, and system information; validate/update process flows, risks, and controls; prepares accurate, complete, clear, and timely analysis and documentation that reflects an ability to identify risks and independently assess the adequacy and effectiveness of IT internal controls, policies, processes and procedures
Participate in maintaining the risk register and support continuous improvement of IT risk management processes
IT Risk Consulting: Work with management and team members to assess risks associated with technology solutions and ensures appropriate remediation strategies are employed. Consult with managers and team members to identify and assess current and emerging risks and strategic initiatives
IT Regulatory Examinations and Internal Audits: Support IT Audits to ensure their success
Write effective controls and action plans for any deficiencies
IT Risk Metrics and Reporting: Assist in the development of risk metric and reporting frameworks for IT Risk & Compliance. Deliver these metrics and reports on weekly, monthly and quarterly basis
Manage testing request lists from internal and external auditors, providing the interface between IT management and the auditors
Define action plans and timelines with process owners and manage them to completion/implementation
Assist with Information Security Incident Management: Investigate, document and report on incidents that impact confidentiality, integrity and/or availability
Support the administration of IT policies, standards and procedures. Ensures IT Policies, Standards and Procedures meet the guidelines established for each; ensures they are properly housed, refreshed, inventoried and approved
Draft Information Security deliverables to both internal and external partners on a variety of topics including, security breaches, policy governance, etc
Conduct scheduled assessment to identify gaps in IT business continuity, emergency and disaster recovery plans
Maintain and update plans and practices to achieve efficient and effective communication and restoration of operations during IT emergencies
Coordinate the IT disaster recovery team in scheduling Disaster Recovery (DR) and failover tests to ensure critical applications are tested based on recovery standards
Participate in IT business continuity planning awareness training and identify potential business interruptions, develop safeguards against these interruptions, and implement recovery procedures in the event of a business interruption. Provide documentation and training on contingency planning concepts and procedures
Support the completion of assessments of the operational effectiveness of the security controls and supports any required remediation
Assist in the execution of information security programs, including meeting PCI compliance requirements
Assist in the development and updates of compliance standards
Other Duties as Necessary

Qualification

IT AuditIT RiskInformation SecurityRisk ManagementISO 27001PCI-DSSNIST StandardsProject ManagementProfessionalismDocumentation SkillsCritical ThinkingCommunication SkillsAttention to Detail

Required

Combination of Education and Experience will be considered
Must be authorized to work in the US as defined by the Immigration Act of 1986
Must pass a Criminal Background Check
Bachelor's Degree
Minimum four (4) years of experience in Internal Audit (IT Audit preferred), IT Risk, or Information Security
Knowledge of project management skills (task identification, prioritization, and documentation)
Demonstrated ability to effectively balance multiple responsibilities which may frequently change
Ability to learn information quickly and apply risk/control considerations which impact downstream decisions
Ability to interface effectively with internal and external auditors
Critical thinking skills with strong attention to detail and follow up
High degree of professionalism and personal integrity
Ability to work with a high degree of independence
Excellent documentation skills (process, control, policy, and risk documentation)
Excellent verbal and written communication skills across all levels of personnel (through executive management and the Board of Directors)
Knowledge of and experience with performing ongoing risk analysis to determine what customer services, supporting business processes, systems, components and applications need to be recovered and within what time frame in order to comply with recovery time objectives
Familiarity with internet, networking (LAN and WAN), data and voice telecommunications, and cloud computing in order to assist in the preparation of recovery procedures in these areas
Good knowledge of Industry 'Best Practices' such as ISO 27001, PCI-DSS
Good knowledge of TCP/IP and related protocols
Familiarity with intrusion detection and prevention techniques
Ability to conduct research into security issues and products as required
Familiarity of standard risk management/control frameworks such as COBIT, ISO 27005, COSO, NIST 800-30, and ITIL
Understanding of internal audit and risk-based methodologies
Sarbanes-Oxley (SOX) experience
Understanding and experience with NIST and PCI standards
Strong experience in any of the following areas: IT Audit, IT Risk and/or Information Security
Demonstrated proficiency in assessing risk and risk management practices
Possesses knowledge of IT policies, standards and procedures, security frameworks and their development and implementation

Preferred

Industry certifications
Familiarity with either GRC (Governance, risk management, and compliance) or IRC (Integrated Risk Management) applications

Company

Allegiant

twittertwittertwitter
Glassdoor4.1
company-logo
Las Vegas-based Allegiant (NASDAQ: ALGT) is focused on linking travelers in small cities to world-class leisure destinations.
dateFounded in 1997
location
Las Vegas, Nevada, USA
people-size1001-5000 employees
web-link
https://www.allegiantair.com/

Funding

Current Stage
Public Company
Total Funding
$890M
2025-06-10Post Ipo Debt· $144M
2023-09-29Post Ipo Debt· $196M
2022-08-10Post Ipo Debt· $550M

Leadership Team

leader-logo
Gregory Anderson
President and CEO
linkedin
leader-logo
Robert Neal
President
linkedin

Recent News

PR Newswire
New Flights into Tri-Cities and McGhee Tyson Airports Open the Tennessee River Valley as an America 250 Gateway
2026-01-06
MarketScreener
Allegiant Travel Passenger Traffic Rises in November
2025-12-24
PR Newswire
Allegiant Introduces Altus Sol: A First-of-Its-Kind Wine Crafted for an Elevated Experience at 30,000 Feet
2025-12-03
Company data provided by crunchbase