External Analyst

Description

Position Summary: We are seeking an External Analyst for the insurance area, responsible for identifying and analyzing personal data processing activities, completing Records of Processing Activities (RATs), and assessing Data Protection Impact Assessments (DPIAs). Key Highlights: 1. Identification and analysis of personal data processing. 2. Active participation in the validation of Lawfulness Bases. 3. Support to the Head of Data Control Projects. ***We are seeking an External Analyst for a key insurance area.*** **Professional Profile for User Interviews, RAT Preparation, and DPIA Assessment** Role Objective To identify, document, and analyze personal data processing activities within the organization’s processes and systems through interviews with key users, in order to complete the Records of Processing Activities (RATs) required by Law 21.719 and detect risks of non-compliance with regulatory requirements. To record and organize interview responses using organizational-approved tools (Excel, OneTrust). To actively participate in the validation of Lawfulness Bases conducted during review meetings, incorporating feedback provided by approvers. All of this in support of the Head of Data Control Projects at Banchile Corredores de Seguros. ***Ideal Candidate Profile*** Academic Background **1. Professional degree in fields such as:** * Computer or Systems Engineering. * Auditing, Risk Management, or Information Security. * Organizational Psychology. * Preferred: Diploma or course in personal data protection or cybersecurity. **2. Work Experience** * Minimum 2 years in roles related to: * Process mapping or user interviews. * Operational or technological risk management. * Regulatory compliance or internal auditing. * Implementation of privacy policies or data protection measures. * Experience in digital transformation projects or implementation of legal regulations is highly valued. * Experience with risk assessment methodologies, evaluation of mitigation measures, and control and monitoring activities. **3. Technical Knowledge** * Familiarity with Law 21.719 and its operational implications. * Understanding of the components of a Record of Processing Activities (RAT): * Purpose of processing. * Legal basis. * Data retention period. * Security measures. * Data processors and controllers. * Proficiency with tools such as Excel, Power BI, Planner, and Teams. * Ability to identify risks in processes and systems related to personal data protection legislation. **4. Soft Skills** * Excellent communication and active listening skills. * Ability to build trust during interviews with internal users. * Analytical thinking and problem-solving orientation. * Autonomy and proactivity in gathering information within complex environments. * Ability to synthesize information and write clearly for documenting RATs. **5. Key Responsibilities** * Conduct structured interviews with users across various departments. * Identify personal data processing activities in processes and * systems. * Complete RAT records in accordance with the law using the systems and tools * provided by the organization. * Detect and document risks of regulatory non-compliance. * Propose mitigation measures or process adjustments. * Coordinate with Legal, IT, and Compliance departments to validate information. ***If you wish to join a large team of professionals, apply with us.***