Privacy Incident Response Operations Analyst, Senior

Privacy Incident Response Operations Analyst, Senior

Join to apply for the Privacy Incident Response Operations Analyst, Senior role at Huntington National Bank

This employer will not sponsor applicants for the following work visas: F-1 student, H-1B worker, O-1 worker, TN worker, E-3 worker. Applicants must be currently authorized to work in the United States on a full-time basis.

The Privacy Incident Response Operations Analyst, Senior reviews security events to identify and prioritize potential threats and identify trends utilizing various tools and technologies.

• Serve as the first point of intake for suspected privacy incidents, ensuring accurate categorization, documentation, and assignment.
• Conduct initial triage to determine scope, data elements involved, impacted systems, and potential regulatory implications.
• Coordinate with Cybersecurity, Legal, IT Risk, Compliance, and business units to gather facts and validate incident details.
• Execute standardized workflows for the Privacy Incident Response Team (PIRT), including logging, evidence collection, ticket management, containment tracking, and closure.
• Assess incident severity and data classification to support notification determinations under applicable laws (e.g., GLBA, state breach laws, contractual requirements).
• Maintain and update incident records within designated tools (e.g., Archer, Service Now, or other incident management platforms).
• Monitor incident trends and assist with developing metrics, dashboards, and reports for leadership and regulators.
• Support root cause analysis activities and help identify control gaps or process improvement opportunities.
• Assist with playbook updates, policy review cycles, and development of new procedures supporting privacy operations.
• Participate in tabletop exercises, training sessions, and cross‑functional readiness activities.

• 3 years of experience in privacy, cybersecurity operations, risk management, or incident response.
• 2 years working with data privacy principles and regulations (e.g., GLBA, CCPA/CPRA, state breach laws).
• 2 years working with incident tracking or GRC tools (Archer, Service Now, or similar).
• Associate’s Degree.

• Experience supporting privacy incident response.
• Certifications such as CIPT, CIPP/US.
• Working knowledge of regulatory breach‑notification thresholds, timelines, and documentation requirements.
• Experience participating in root cause analysis and developing mitigation recommendations.
• Prior work in regulated industries such as financial services or government.
• Ability to produce metrics dashboards and identify trends to drive program maturity.
• Ability to multitask, meet deadlines, and work in a fast‑paced operational environment.
• Ability to analyze technical and business information to determine incident impact and next steps.
• Strong written communication skills with experience drafting incident summaries or reports.
• Strong attention to detail, confidentiality, and analytical thinking.
• Business, Compliance, or a related field; equivalent experience accepted.
• Bachelor’s degree in Cybersecurity, Information Technology, or related field.

$57,000.00 - $ USD Annual.

Huntington provides a variety of benefits, including health insurance coverage, wellness program, life and disability insurance, retirement savings plan, paid leave programs, paid holidays and paid time off (PTO).

Huntington is an Equal Opportunity Employer.

Tobacco-Free Hiring Practice:
Visit Huntington's Career Web Site for more details.

Note to Agency Recruiters:
Huntington will not pay a fee for any placement resulting from the receipt of an unsolicited resume. All unsolicited resumes sent to any Huntington colleagues, directly or indirectly, will be considered Huntington property. Recruiting agencies must have a valid, written and fully executed Master Service Agreement and Statement of Work for consideration.