Cambridge Mobile Telematics (CMT) is the world’s largest telematics service provider. Its mission is to make the world’s roads and drivers safer. The company’s AI-driven platform, DriveWell® Fusion, gathers sensor data from millions of IoT devices — including smartphones, proprietary Tags, connected vehicles, dashcams, and third-party devices — and fuses them with contextual data to create a unified view of vehicle and driver behavior. Auto insurers, automakers, commercial mobility companies, and the public sector use insights from CMT’s platform to power risk assessment, safety, claims, and driver improvement programs. Headquartered in Cambridge, MA, with offices in Budapest, Chennai, Seattle, Tokyo, and Zagreb, CMT measures and protects tens of millions of drivers across the world every day.

CMT is seeking a highly skilled and proactive Privacy & Compliance Analyst to strengthen our global security, privacy, and compliance programs. This role goes beyond process execution — it provides strategic guidance, owns critical compliance initiatives, and influences how CMT scales responsibly. Partnering closely with teams across engineering, legal, sales, and data science, the Privacy &

Compliance Analyst will lead risk management initiatives, oversee key audits, and ensure that CMT’s products and practices align with privacy and security standards worldwide. As a recognized subject resource, this role will mentor others on compliance best practices, strengthen audit readiness, and serve as a trusted advisor to leadership and external stakeholders.

CMT is looking for a collaborative, customer-committed, and creative Privacy & Compliance Analyst II who wants to join us in making roads safer by making drivers better!

Responsibilities:

• Assist in the contract lifecycle process, including high-level review of commercial contracts, technology licenses, and vendor agreements, advising on privacy and security implications
• Support complex customer and vendor negotiations, balancing risk, business needs, and regulatory obligations
• Develop, maintain and improve CMT’s ROPA, DPIAs/PIAs, LIAs, TIAs and SCC coverage; review templates, track mitigations and sign-offs
• Keep internal privacy policies/standards, playbooks, and training current, drive completion and effectiveness metrics.
• Support data mapping and flow documentation across mobile apps, tags, devices, and cloud services; keep systems of record up to date
• Maintain retention & deletion schedules and support enforcement (incl. telemetry, analytics, and logs) • Oversee cookie practices and notices where applicable (EU/UK & US)
• Prepare evidence and coordinate remediation for ISO 27701 / 27001 and SOC 2 (privacy scope), aligning control owners, gaps, and timelines
• Support privacy impact assessment during security incidents (breach notification analysis, timelines, documentation)
• Track and operationalize changes in US state privacy (e.g., CPRA, VCDPA, CTDPA, CPA, UCPA) and other relevant regimes; provide practical guidance to teams
• Complete any additional tasks as they arise

Qualifications:

• Bachelor’s degree or equivalent years of experience and/or certification in a related field
• 2+ years of relevant experience in compliance, privacy, or security
• Demonstrated expertise in privacy and data regulations (GDPR, AI Act, Data Act, CCPA, etc.), up-to-date knowledge of guidelines, recommendations, notable decisions of authorities and expert bodies (EDPB, EU Commission, etc.)
• Strong understanding of data protection practices, and vendor risk management
• Proven track record of leading audit readiness and risk management processes
• Excellent ability to influence, communicate, and collaborate across technical and non-technical teams
• Comfortable working in a fast-paced, scaling environment with the ability to work independently

Nice to Haves:

• Advanced degree or certification in privacy/security compliance preferred, e.g., Master of Laws, CIPP, CIPM, CISSP
• Experience within a SaaS or high-tech B2B environment is an advantage

Compensation and Benefits:

• Fair and competitive salary based on skills and experience
• Equity may be awarded in the form of Restricted Stock Units (RSUs)
• Private healthcare
• Life insurance
• Parental leave
• Flexible scheduling and work from home policy depending on role and responsibilities

Additional Perks:

• Feel great working to improve road safety around the world!
• Join one of our many employee resource groups including Black, AAPI, LGBTQIA+, Women, Book Club and Health & Wellness
• Extensive education and employee assistance programs
• CMT will do all that is possible to support our employees and create a positive and inclusive work environment for all!

Commitment to Diversity and Inclusion:

At CMT, we believe the best ideas come from a mix of backgrounds and perspectives.

We are an equal-opportunity employer committed to creating a workplace and culture where everyone feels valued, respected, and empowered to bring their unique talents and perspectives. Diversity is essential to our success, and we actively seek candidates from all backgrounds to join our growing team.

We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status or disability state. CMT is headquartered in Cambridge, MA. To learn more, visit www.cmtelematics.com and follow us on X @cmtelematics.