Job ID #: 4527
Job Purpose and Scope:
Reporting to the Chief Information Security Officer; The Data Privacy Manager will work independently and collaboratively to identify risks and controls associated with the management of sensitive customer information. This role is responsible for the development, implementation, and operation of the Bank's Privacy Program including our strategy, projects and initiatives. The Data Privacy Manager will provide bank-wide leadership for the inventory of privacy-related data; assessment of privacy-risks; and monitoring for privacy compliance. Coordinate staff training; engage and advise business areas on data privacy best-practices; review and develop privacy procedures; review vendor contracts; run data privacy incident response activities; and collaborate with other areas of the Bank, such as information security, legal, and human resources. This position can be located in Dallas,TX, St. Petersburg, FL or Little Rock,AR.
Essential Job Functions:
Serve as a visible and highly engaged program manager who coordinates and runs the implementation of the data privacy program.
Analyze risks and issues and proposing mitigation plans to protect all types of information from unauthorized access or disclosure.
Assists in the development and execution of security policies, plans, standards and procedures;
Conducts Privacy Impact Assessments,
Publish privacy notices and local procedures;
Consult with business areas on Personally Identifiable information (PII) collection, minimization, appropriate use, information sharing, proper handling and disposal
Drive bank-wide PII inventory initiative
Provide data privacy training to Bank staff and management
Provide advice on how data privacy standards can be applied
Lead and monitor Bank compliance with applicable Regulations (GDPR, GLBA, FFIEC etc.)
Review data privacy controls and results with Information Technology teams
Advisor to Incident Response Team, and Information Security Advisory Council.
Act as our in-house data privacy expert and advocate
Must have strong written and oral communication skills.
Marginal Job Duties:
Coordinate and collaborate with Help Desk, Network and other IT teams to remediate identified risks and vulnerabilities;
Audit system access and reports to ensure security policy enforcement.
Contribute to Vendor Management due diligence privacy assessment activities
Knowledge, Skills & Abilities:
Knowledgeable about privacy and security issues, security vulnerabilities, regulatory and legal changes, and security standards that may impact the Privacy Program;
Ability to lead/chair multi-functional projects or project teams
Knowledgeable of data privacy incident response
Equipment Used in Job Performance/Working Environment:
Major Job Demands (Physical/Mental):
Must be able to work in an shared workspace
Must be able to use multiple monitors and screens
Must be able to work in fast paced environment
Bachelor's degree in related field preferred, such as law, information technology, compliance or risk management.
Currently possess or willing to obtain relevant certifications (CEH, GCIA, GCIH, CIPP, CIPM, DPO, CISSP, CISA or other others)
Minimum of five (5) years of demonstrated, forward-thinking, and relevant Privacy leadership experience in a complex business environment, as evidenced by an established record of achievement leading or sponsoring successful initiatives.
Three (3) years of experience leading and implementing a privacy program, including policy/standard/control application.
Bank of the Ozarks is an equal opportunity employer and give consideration for employment to qualified applicants without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, disability status, protected veteran status, or any other characteristic protected by federal, state, and local law. Member FDIC.