About the job
Under general supervision, this position will strategize on confidentiality and privacy trends as they relate to company and consumer data. The position will conduct quantitative and qualitative factor analysis to support the prioritization of tactical and strategic risk mitigation projects and measure the progress of privacy risk reduction initiatives. This position will also evaluate the maturity and effectiveness of data governance frameworks, policies, and standards. Requires legal background/experience.
Key Responsibilities:
- Lead junior staff, stakeholders, and executive team on how to monitor and perform risk mitigation efforts by developing goals, policies, and procedures for the organization’s privacy programs, in accordance with security laws
- Analyze complex business processes or issues and quickly understand the business issues and related privacy and data challenges with quantitative and qualitative factor analysis methods
- Serve as a spokesperson for inquiries, statements, or general counsel to governmental, regulatory, and marketing staff regarding data privacy and network security issues
- Follow emerging privacy trends and laws, advise on current and emerging privacy risks, and coordinate data privacy training programs and activities
- Ensure the release of protected information adheres to the organization’s policies, procedures and legal requirements
- Conduct due diligence reviews of external vendors and support internal stakeholders with Privacy Impact Assessments utilizing Privacy by Design Principles
- Direct others in the assessment of data privacy and security risks including data classification, documentation of event investigation activities, and maintenance of the Privacy Risks Register
- Understand business objectives, analyze complex business processes, and consult on outcomes to pinpoint related privacy risks and data challenges
Minimum Qualification:
- Bachelor’s Degree in Business Administration, Statistics, and Data Science, or related field, or foreign equivalent, or suitable combination of education, experience, and training; plus 4 years of work experience in a data management, compliance, risk management, privacy or regulatory related function.
Preferred Qualification:
- CIPP, CIPM, CISSP, CISA, CRISC, FAIR
- Experience working on privacy or other compliance programs (E.g. PCI or Quality Standards).
- Experience assessing and evaluating business risk.
- Intermediate knowledge of Microsoft Office tools.
- Ability to read complex regulations and interpret legal and regulatory requirements.
- Demonstrate knowledge and aptitude for methods for scoring, calculating, and quantifying risk.
More Information
- Salary Offer $75,000/yr - $95,000/yr
- Address Lowell, AR, USA
- Experience Level Senior
- Total Years Experience 0-5