Subject-matter expert on applicable data privacy and security regulations. Serve as a cross-functional and business partner point-of-contact for advice and guidance as needed. Support the business through meeting internal and external applicable standards.
• Subject-matter expert on applicable data privacy regulations.
* Draft/review/provide input on applicable agreements (BAA, DPA), assessments (DPIA, TIA), notices, policies, processes.
* Create employee educational articles, trainings and resources.
* Update annual employee trainings and deliver on-boarding training.
* Participate in meetings with business partners on initiatives involving personal information.
* Identify potential data privacy risks and offer risk mitigation options.
* Maintain and update content on global data privacy program intranet.
* Meet deadlines of assigned responsibilities on global program calendar.
* Actively monitor regulatory landscape in areas of primary responsibility.
* Proactively partner with cross-functional teams to improve processes.
* Maintain transparency of daily work flow status using team tools.
* Assist with internal audits and risk assessments as requested.
* Assist with investigations and data incident response as requested.
* Prioritize reading industry papers and briefs, attending webinars and conferences to maintain current knowledge of global regulatory landscape.
* Excellent reasoning and judgment - provide sound recommendations that are achievable and demonstrate a willingness to work with business partners to find solutions and risk mitigation if needed.
* Must be able to shift priorities as needed while managing and communicating a dynamic workload.
* Contribute to program maturation efforts and process improvements.
* Excellent oral presentation skills, demonstrable writing skills.
* Professional, approachable demeanor with the ability to communicate with clarity, diplomacy and discretion.
* Must be able to work independently under general supervision. Will occasionally work as part of a larger inter-disciplinary team.
* Must be comfortable participating in video meetings.
• Bachelor's degree (B.A./B.S.) and Juris Doctor required.
* CIPP certification preferred.
• Mandatory minimum 1-3+ years experience in the privacy profession.
• Must demonstrate solid understanding of HIPAA, GDPR, PIPL(knowledge of PCI DSS and ISO 27000 is advantageous.)
* Knowledge of US State data consumer laws is preferred.
* Demonstrated sincere professional interest in data privacy field.
• Works under general office conditions
• Sitting for extended periods
• Requires close visual acuity when working with computers, etc.
• Presentation of training materials to various employee levels
• Visual and manual proficiency with computer based presentations