Director, Data Protection & Compliance

  •  

Hollywood, FL

Industry: Technology

  •  

8 - 10 years

Posted 157 days ago

This job is no longer available.

The Director Data Protection supports the efforts of the Data Protection Officer; working closely with all corporate stakeholders, the Information Security team and the Privacy team to support the development and maintenance of ongoing privacy-related efforts across the organization. The individual in this position manages all operations associated with organizational privacy and privacy compliance reporting requirements, and participates in the development and maintenance of the auditing and monitoring process for the corporate Privacy Department.


Job Description

Responsibilities:

  • Conducts risk management and privacy impact assessment operations to generate report data for senior management.
  • Implements privacy technologies that will strengthen the security of information.
  • Maintains confidential privacy documentation across the entire organization.
  • Participates with legal and executive council to form recommendations on policies, practices, and procedures that have a significant impact on the organizations privacy function.
  • Responsible for aligning departmental strategy or direction with the overall goals of the organization.
  • Develops policies, practices, and procedures that have a significant impact on the organization.
  • Serve as a visible and highly engaged manager who coordinates and leads the daily activities associated with implementation of the data privacy program
  • Educating the company and employees on important compliance requirements; training staff involved in data processing
  • Perform privacy and/or security reviews including regulatory and industry assessments (GDPR, HIPAA, NIST, etc.), risk analyses, information inventory and data mapping, vendor management assessments, and additional privacy or security compliance related projects to ensure compliance and address potential issues proactively
  • Consult with business areas on Personally Identifiable information (PII) collection, minimization, appropriate use, information sharing, proper handling and disposal
  • Develop and implement privacy awareness training materials
  • Serving as the point of contact between the company and GDPR Supervisory Authorities
  • Monitoring performance and providing ongoing advice to teams across the organization on the meaning and application of data protection and privacy regulations.
  • Maintaining comprehensive records of all data processing activities conducted by the company, including the purpose of all processing activities, which must be made public on request
  • Interfacing with data subjects to inform them about how their data is being used, their rights to have their personal data erased, and what measures the company has put in place to protect their personal information
  • Research and evaluate emerging privacy trends, laws or regulations
  • Assisting with other privacy and legal compliance tasks as needed and as time permits on subjects including, but not limited to, employment, ethics, finance, PCI, SOC 2, etc.
  • Works with corporate IT team, Information Security team and Privacy team to implement and monitor privacy compliance programs
  • Communicate with teams affected by new laws and regulations and monitors to assure that necessary changes to policies and procedures are made
  • Serve as an internal expert resource for privacy compliance
  • Identify and guide resolution for privacy compliance issues including effective communication of these issues to other business units.
  • Review new engineering and product data use cases to ensure ongoing compliance with Privacy policies
  • Assist with incident response and mitigation strategies as necessary
  • Respond to complaints and grievances related to Privacy issues
  • Perform other privacy team relevant duties and responsibilities as assigned

Qualifications:

  • Bachelor's degree in Computer Sciences, Information Technology, Information Security or other related field; Master's degreepreferred
  • Ten (10) years of related work experience, which includes two (2) years of practical experience in data protection and privacy management
  • CIPP/US, CIPM, required and CIPT certification preferred
  • Must possess a strong technical aptitude and be able to effectively communicate with technology professionals; data analysis and/or coding skills are required
  • Must have extensive knowledge of privacy and data protection laws, regulations and best practices
  • Experience with compliance issues and standards at all levels (local, state, federal and international) and familiarity with industry-specific regimes (e.g. HIPAA, PCI, GDPR, etc.)
  • Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus.
  • Clear ability to build strong relationships and establish trust with stakeholders at all levels
  • Excellent verbal and written communications skills
  • Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner
  • Ability to solve complex problems in a timely manner by working with multiple stakeholders
  • Ability to manage multiple tasks and work streams effectively.
  • Ability to follow detailed procedures and processes with a high degree of accuracy
  • Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product
  • Experience managing project through the full system development lifecycle
  • Multiple language abilities preferred? fluency in English (written and spoken) required
  • Flexibility to travel as required up to 25% overnight travel
$150K - $160K