Associate Compliance Monitor, Privacy Certified

Title: Associate Compliance Monitor
Division: Privacy Certified
Experience: Entry-level
Position Type: Full-time
Reports to: Program Director
Location: New York City – Hybrid
Employee: Vacant

About Us: The Entertainment Software Rating Board is the non-profit, self-regulatory body for the video game industry. Along with assigning age ratings for video games and mobile apps, enforcing industry – developed advertising guidelines, and informing parents about age ratings, parental controls, and other topics, ESRB operates a membership based privacy compliance and certification program, ESRB Privacy Certified, for video game and toy companies.

Summary of Position: The Associate Compliance Monitor assists ESRB Privacy Certified (“EPC”), a leading non profit privacy compliance and certification program for organizations in the video game and toy industries, in monitoring and auditing program members’ products such as websites, mobile apps, PC games, and internet connected devices for compliance with EPC’s certification requirements as well as relevant data privacy laws, regulations, and best practices.

Duties and Responsibilities:

  • Conduct compliance reviews of EPC program members’ products such as websites, mobile apps, PC games, and internet-connected devices
  • Run and analyze network traffic scans across program members’ products
  • Prepare review finding summaries, initial assessments, and biannual compliance reports
  • Communicate review findings to internal teams and program members
  • Provide potential compliance issue remediation strategies to program members
  • Confirm resolution of outstanding compliance issues, escalating long-standing items when necessary
  • Develop and maintain general understanding of privacy concepts, best practices and legal obligations, including under the Children’s Online Privacy Protection Act (“COPPA”) as well as under new or evolving privacy obligations
  • Help implement technical and other updates to the EPC program
  • Maintain and update lists of third-party technologies detected across program member products
  • Help vet privacy and security practices of third-party analytics and ad network service providers
  • Assist department heads in compiling detailed information for reports and comments to legislators, regulators, EPC members, and other stakeholders, including information for EPC’s annual COPPA Safe Harbor report to the Federal Trade Commission
  • Help manage incoming consumer inquiries and complaints, escalating red flags to relevant program member or department head(s) when necessary
  • Help prepare updates to internal training manual, new resources for EPC members, and provide training to interns and/or part-time staff
  • Handle sensitive information in a confidential manner
  • Other tasks as assigned


  • Bachelor’s Degree with at least two years of relevant professional work experience in a business environment
  • Familiarity with websites and mobile apps as related to data privacy and information security audits
  • Basic understanding of online data collection tools (e.g., cookies, SDKs) and network traffic scanning tools for personally identifiable information
  • General interest in data privacy laws and practices, including children’s online privacy
  • Ability to translate requirements from laws, regulations, policies, and guidelines into compliance issues with supervisory support
  • Ability to effectively explain technical concepts and issues to technical and non-technical audiences through verbal and written communications
  • Advanced working knowledge of:
    o Microsoft Office software suite
    o Android and iOS mobile apps
    o Internet-connected products (e.g., toys, PC games, other devices)
  • Proven skill in performing detail-oriented assignments
  • Demonstrated ability to handle multiple projects or tasks simultaneously
  • Capacity to propose creative solutions to new or emerging online privacy and security issues
  • Ability to work independently and to collaborate with a small team

Plus Factors:

  • IAPP CIPP/US or other privacy or data security certification
  • Experience working in a data privacy, data governance, information security or other regulatory compliance program
  • Experience with or certification in an Atlassian/Jira service(s)
  • General knowledge of U.S. and foreign privacy laws, including COPPA, U.S. state laws, and the GDPR
  • Familiarity with the video game industry and/or passion for video games

Base Salary: $45,000-$55,000 (plus benefits)
Exact compensation may vary based on skills, experience, and location.

To apply, please send your resume and a cover letter to [email protected]. We will keep this posting
listed until the position is filled.

The ESRB is currently considering local applicants only. Selected candidates will need to undergo a
background check. We are committed to leveraging the talent of a diverse workforce to create great
opportunities for our business and our people. EOE. M/F/D/V