Symantec is working to foster privacy excellence both in what we do as a company, and in what we deliver to our customers. We are committed to respecting and protecting people’s privacy and securing their information, and GDPR compliance is an important piece of this work.
The candidate will report to the VP of LSPA and head of Symantec‘s GPO, and will be a senior leader and a key member of the management team of the GPO. The candidate will act as trusted privacy advisor to the company. He/she will work in an ongoing and collaborative way with relevant LSPA and business groups in carrying out his or her responsibilities.
- Leads a team of US-based members of the GPO who are responsible for providing guidance on US statutes and regulations, and Symantec’s policies, procedures and practices that address privacy and information security;
- Coordinate and actively build team engagement with other members of the Global Privacy Office
- Assist with and provide leadership support for Symantec’s GDPR-readiness compliance program (now under way) by working with members of the GPO, and impacted teams across the company and external stakeholders as needed, inter alia, providing guidance and facilitating the development, enhancement, maintenance and implementation of tools, policies, procedures etc;
- Provide support to all members of LSPA (particularly LSPA members located in the US) in addressing privacy requirements as they impact or apply to their areas of responsibility (eg the global employment law team, the litigation team, etc);
- Work closely with all relevant internal stakeholders, including the Litigation Team, Internal Investigations Team and the Global Security Team to address reports of compliance concerns regarding privacy and information security matters; and where appropriate lead complex privacy investigations, including directing external resources (outside counsel) and liaising with customers, government agencies and regulators, with respect to, any security incidents, audits or other privacy or information protection related inquiries/investigations;
- In partnership with the Head of the GPO, and together with other key leaders of the GPO, provide strategic privacy advice and risk management – including identification, assessment and mitigation of privacy risk globally;
- Support the development, coordination and implementation of Symantec privacy policies and processes;
- Manage the implementation of global or local privacy projects and initiatives (providing leadership on strategy/approach);
- Develop partnering and networking with relevant stakeholders in overseeing privacy legal/regulatory compliance and fostering a strong culture of privacy within Symantec by advocating for privacy-by-design, transparency and accountability across all groups and business units;
- Work closely with the information security group to ensure alignment between Symantec’s security and privacy strategies (e.g. in relation to breach notification and incident response);
- At least ten years' experience handling complex privacy, data protection and security legal and policy issues with a programmatic approach, ideally in the computer/IT industry.
- Experience with online and mobile privacy, e-commerce, cloud computing, cyber security, big-data analytics, and data governance.
- Active membership in at least one U.S. state bar.
- Strong substantive knowledge of US privacy and security laws, as well as international data protection laws, including global data transfer mechanisms and emerging trends (CIPP certification is a plus).
- Excellent verbal and written communication skills, including strong experience negotiating and drafting privacy/security provisions and disclosures.
- A can-do and practical attitude when providing practical advice to clients.
- Ability to manage a diverse and complex workload while maintaining priorities and proactively anticipating issues, particularly in a fast-paced corporate setting.
- Experience managing a team and strong collaborative leadership skills.