Overview
Subject-matter expert on applicable data privacy and security regulations. Serve as a cross-functional and business partner point-of-contact for advice and guidance as needed. Support the business through meeting internal and external applicable standards.
Responsibilities
- Subject-matter expert on applicable data privacy regulations.
- Draft/review/provide input on applicable agreements (BAA, DPA), assessments (DPIA, TIA), notices, statements, policies, and processes.
- Create employee educational articles, trainings and resources.
- Update annual employee trainings and on-boarding training.
- Participate in meetings with business partners on initiatives.
- Assessments for Data Privacy Framework certifications with US DoC.
- Identify potential data privacy risks and offer risk mitigation options.
- Maintain and update content on global data privacy program intranet.
- Meet deadlines of assigned responsibilities on global program calendar.
- Support Government Affairs team with regulatory updates.
- Proactively partner with cross-functional teams to improve processes.
- Maintain transparency of daily work flow status using team tools.
- Assist with internal audits and risk assessments as requested.
- Assist with investigations and data incident response as requested.
- Prioritize reading industry papers and briefs, attending webinars and conferences to maintain current knowledge of regulatory landscape.
- Excellent reasoning and judgment - provide sound recommendations that are achievable and demonstrate a willingness to work with business partners to find solutions and risk mitigation if needed.
- Must be able to shift priorities as needed while managing and communicating a dynamic workload.
- Abililty to follow-up with stakeholders to see projects to completion.
- Contribute to program maturation efforts and process improvements.
- Excellent oral presentation skills, demonstrable writing skills.
- Professional, approachable demeanor with the ability to communicate with clarity, diplomacy and discretion.
- Must be able to work independently under general supervision. Will occasionally work as part of a larger inter-disciplinary team.
- Must be comfortable participating in video meetings.
Qualifications
- Bachelor's degree (B.A./B.S.) and Juris Doctor required.
- CIPP certification preferred.
- Mandatory minimum 1-3+ years experience in the privacy profession.
- Must demonstrate solid understanding of HIPAA, GDPR, PIPL(knowledge of PCI DSS and ISO 27000 is advantageous.)
- Knowledge of US State data consumer laws is preferred.
- Demonstrated sincere professional interest in data privacy field.
Physical Requirements
- Works under general office environmental conditions
- Sitting for extended periods, utilizes close visual acuity for working with
computers, etc.
- Must maintain regular, punctual attendance.
- Requires occasional early morning/early evening calls.
- Occasional domestic and international travel may be required.
- Must be able to travel by plane