Privacy Analyst

At Lyft, our mission is to improve people’s lives with the world’s best transportation. To do this, we start with our own community by creating an open, inclusive, and diverse organization.

Our drivers and passengers entrust Lyft with their personal information and travel details to get where they are going and expect us to keep that data safe. Lyft’s Privacy team is comprised of engineers and analysts dedicated to ensuring appropriate data protections are applied at all times. We conduct privacy risk assessments, consult with organizational stakeholders, maintain Lyft’s privacy program, develop privacy policies, and advise on all matters related to privacy.

As a member of the Privacy team you will help ensure that privacy is built into our products by design.  Every day, you’ll meet and work with stakeholders across the company working on exciting new projects, help de-risk their product development, conduct Privacy Impact Assessments, work with the Security team to ensure both privacy and security are built into products, and serve as an adviser to teams coming to you with burning privacy questions.  

Responsibilities

• Conduct Privacy Impact Assessments of internal and external partners during the development or adoption of new technologies, systems, or programs
• Contribute to maintaining compliance and regulatory frameworks
• Develop and maintain privacy policies and guidelines for Lyft
• Serve as an internal adviser to engineers, data scientists, compliance and legal teams on data privacy related issues
• Assist in creating and delivering awareness campaigns, training, and orientation for all Lyft associates
• Identify trends in privacy and regulatory requirements and compliance enforcement and account for the necessary changes in data privacy program
• Proactively find, document and drive resolution of data use violations by Lyft’s products and services
• Explore, understand and analyze system designs, internal code base, and flow of data to identified vulnerabilities

Experience & Skills

• Depth of knowledge in privacy components related to product development lifecycle, data handling, and asset classification
• Knowledge of the role of a privacy professional in ensuring customer data is properly managed
• Ability to articulate and influence the importance of customer privacy
• Ability to manage multiple tasks and high priority projects
• Ability to prioritize, adapt, and autonomously work with cross-functional teams in a dynamic work environment
• Experience in GDPR and Privacy Law
• Experienced privacy professionals preferred (Privacy consulting, CIPP, CIPM, CIPT)

Set Yourself Apart

• Familiarity with software development life cycle, data systems (RDS/Hive/Presto) and large scale data flows
• Basic experience in scripting language (Python, Ruby) and SQL
• Contributions to the privacy community (bug bounty programs, public research, blogging, presentations)

Benefits

• Great medical, dental, and vision insurance options
• Mental health benefits
• In addition to 12 observed holidays, salaried team members have unlimited paid time off, hourly team members have 15 days paid time off
• 401(k) plan to help save for your future
• 18 weeks of paid parental leave. Biological, adoptive, and foster parents are all eligible
• Pre-tax commuter benefits
• Lyft Pink - Lyft team members get an exclusive opportunity to test new benefits of our Ridership Program

Lyft is an equal opportunity/affirmative action employer committed to an inclusive and diverse workplace. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by law. We also consider qualified applicants with criminal histories consistent with applicable federal, state and local law.  

Until further notice, Lyft employees working in the United States and Canada in any capacity (on a daily or hybrid schedule or as a visitor) are required to provide proof of full vaccination against COVID-19. Employees are considered fully vaccinated two weeks after completion of the entire recommended series of vaccination (usually one or two doses) with a vaccine authorized to prevent COVID-19 by the federal Food and Drug Administration (FDA), including by way of an emergency use authorization. Lyft will maintain records associated with your vaccination history in a way that is compliant with all relevant Federal, state and local laws. Exceptions to this requirement are employees who require religious or medical exemption as approved through Lyft's accommodations process.