Data Privacy Compliance Manager
##
Responsibilities:
Conduct Privacy Impact Assessments (PIAs) of the application’s security design for the appropriate security controls, which protect the confidentiality and integrity of Personally Identifiable Information (PII)
Responsible for the implementation of the company's domestic and international business and consumer privacy protection program
Interpret and apply data privacy regulations, policies, standards, or procedures to specific issues
Interpret patterns of non-compliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise’s cybersecurity program
Manage and ensure the enterprise data inventory is kept up-to-date
Develop privacy training materials and other communications to increase employee understanding and awareness of company privacy policies, data handling practices and procedures and legal obligations
Work with the general counsel and business teams to ensure both existing and new services comply with privacy and data security obligations
Work with legal counsel, management, key departments, and committees to ensure the organization has and maintains appropriate privacy and confidentiality consent, authorization forms and information notices and materials reflecting current organization and legal practices and requirements
Maintain current knowledge of applicable federal, state, and international privacy laws and accreditation standards, and monitor advancements in information privacy technologies to ensure organizational adaptation and compliance
Work with business teams and senior management to ensure awareness of “best practices” on privacy and data security issues
Collaborate with the cybersecurity and IT teams to ensure privacy requirements are translated into technical requirements and solutions are implemented correctly
Interface with
Senior Management to develop strategic plans for the collection, use and sharing of information in a manner that maximizes its value while complying with privacy regulations
Identify and manage privacy incidents and breaches in conjunction with the Chief Information Security Officer, legal counsel and the business units.
Other assigned duties. ##
Qualifications:
5+ years’ experience in a privacy / data loss prevention and protection related field
The ability to create a data privacy program and eventually lead a team of privacy professionals
Bachelor degree or above in information security, computer, or related majors
The ability and experience with working across departments and business units to implement organization’s privacy principles and programs, and align privacy objectives with security objectives
The ability to develop, update, and/or maintain standard operating procedures (SOPs)
The ability to determine whether a security incident violates a privacy principle or legal standard requiring specific legal action
Expertise in domestic and international laws and regulations, such as cybersecurity law, GDPR, HIPPA, etc.
The ability to partner with lawyers and outside law firms to stay abreast of changing privacy related laws and regulations
Experience with cloud environments (e.g., AWS, Azure, O365) and technical implementation of data security and privacy requirements
Self-driven with good teamwork, communication skills
Privacy certification preferred (e.g., CDPSE, CIPP-E, CIPP-US, CIPM, CISSP) Apply tot his job
Apply tot his job
Apply To this Job