Associate Privacy Analyst

About Persona

Persona is the configurable identity platform built for businesses in a digital-first world. Verifying individuals and organizations is harder — but more important — than ever, with AI enabling fraudsters to launch sophisticated accounts at scale and regulations evolving rapidly.

We’ve built Persona to support practically every use case and industry — that’s why we’re able to serve a wide range of leading companies. For example, Reddit relies on Persona for age assurance and verification to comply with online safety regulations, protecting younger users while maintaining a seamless experience. Meanwhile, OpenAI relies on Persona to keep bad actors out, protecting one of the world’s most powerful AI platforms from large-scale abuse in a time when AI is reshaping the way we work and live.

We’re growing rapidly and looking for exceptional people to join us!

About the Role

Persona is looking to bring on a Privacy and Compliance Analyst focused on privacy operations, with an emphasis on managing end user Data Subject Access Requests (DSARs) and related individual rights requests. As an early member of the privacy and compliance team, you will help design and run an efficient, auditable DSAR program that balances legal requirements, user expectations, operational constraints, and security.

The ideal candidate can lead DSAR workflows end-to-end, including intake, identity verification, scoping, data mapping, collection, redaction and exemption analysis, response drafting, and deadlines tracking. You should be comfortable thinking critically about ambiguous requests, competing obligations, and edge cases, and partnering cross-functionally with Legal, Security, Engineering, Support, and Product to implement and continuously improve practical, scalable processes.

What You’ll Be Doing at Persona

• Lead DSAR and individual rights request workflows end-to-end, including intake, identity verification, scoping, data collection, redaction and exemption analysis, response drafting, and deadline tracking

• Design, run, and continuously improve an efficient, auditable DSAR program that balances legal requirements, user expectations, operational constraints, and security

• Partner cross-functionally with Legal, Security, Engineering, Support, and Product to improve data mapping, retrieval processes, and tooling for privacy operations

• Build and maintain procedures, documentation, and metrics to support consistent execution and readiness for audits and reviews

• Train and support cross-functional partners on privacy operations processes and security, privacy, and compliance best practices

What You’ll Bring to Persona

• 2 - 3 years of experience working in security, privacy, risk, and compliance or equivalent experience

• Experience in external facing roles & communication with customers

• Strong understanding of GDPR, CCPA, BIPA, HIPAA and other data privacy laws.

• History of building trust through collaboration and successful cross functional engagements

• Strong project management skills and ability to manage varying priorities and stakeholders

• Firm grasp of security, privacy, risk & compliance best practices

Full-time Employee Benefits and Perks

For full-time employees (excluding internship and contractor opportunities), Persona offers a wide range of benefits, including medical, dental, and vision, 3% 401(k) contribution, unlimited PTO, quarterly mental health days, family planning benefits, professional development stipend, wellness benefits, among others. While we believe competitive compensation and benefits are a critical aspect of you deciding to join us, we do hope you consider why our core values and culture are right for you. If you’d like to better understand what it’s like working at Persona, feel free to check out our reviews on Glassdoor.