IT Privacy Compliance Manager in San Ramon, CA

$150K - $200K(Ladders Estimates)

Robert Half International   •  

San Ramon, CA 94583

Industry: Staffing

  •  

5 - 7 years

Posted 60 days ago

This job is no longer available.

JOB DESCRIPTION

Responsible for the planning, design, enforcement and audit of security policies and procedures which safeguard the integrity of and access to RHI's global enterprise systems, files and data elements. Maintain knowledge of changing global regulations and provides recommendations for the adaptation of new policies. Recognizes and identifies potential areas where existing data security policies and procedures require change, or where new ones need to be developed, especially regarding future business expansion. Identifies and advises RHI management of critical issues that may affect customer or corporate security objectives.

Assist in managing our global policy, legal, regulatory and contractual annual certification and compliance efforts (e.g. SOX, SOC II, HIPAA, GDPR, CCPA). Leverage security industry knowledge along with assessment, organizational and consultancy skills to meet global regulation timelines aligned to business demands. Maintain security requirements documentation.

Work with the audit team to identify and report on the effectiveness and efficiency of the implemented information protection controls and data privacy controls to determine the overall security and data privacy posture of RHI.

Job Summary


As a Business Information Security Advisor III, (IT Privacy Compliance Manager) your specific responsibilities will include:

Works closely with our domestic and international business stakeholders, business and IT management, internal audit and legal counsel to understand business requirements related to security, data privacy and regulatory compliance, and to map those requirements to current security and data privacy project requirements with intermediate to complex level needs.

Ensure the continued adoption, maturity and growth of the following functional areas by adequate planning and sustained execution of required activities:

• Data Privacy

• Information Risk Management

• Compliance

• Policy Lifecycle Management

Work with other corporate compliance personnel and the representatives from IT to identify Information Security Policies that require intermediate to complex level creation/updates and also process Exceptions requested for existing policies pertaining to Data Privacy.

Support Policy awareness and monitoring activities for sustaining adequate compliance.

Define and implement an ongoing RHI IT Risk Management program focused on Data Privacy, which will include facilitating risk decisions from stakeholders, tracking risk remediation efforts, developing risk management metrics, participating in third party security assessments and responding to security and privacy customer RFI questionnaires.

Evaluate business-related controls for integrating business and information system security and risk mitigation efforts. Develop and implement tools to support automated risk management and compliance efforts.

Qualifications:


  • Bachelor's degree (BA) or equivalent combination of education and experience in Information Risk Management, Engineering, Management Information Systems or related curriculum.
  • Professional certifications from ISACA, (ISC)2, (CISSP), IAPP preferred.
  • Requires 5+ years' professional work experience, including 3+ years' of working knowledge of risk assessment and risk analysis, IT management concepts, information security, and application of those in multiple IT environments.
  • Strong working knowledge of data mapping and data flow diagram development
  • Strong working knowledge of GRC methodologies, risk analytic tools and development of information risk metrics required.
  • Strong working knowledge of executing activities related to Information Security Policy Data Privacy Lifecycle required.
  • Working knowledge of reviewing and responding to sections of security and compliance questions in RFIs required regarding data privacy.
  • Basic understanding of systems development life cycle methodologies required.
  • Working knowledge of Application Security, Infrastructure security, audit, and control methods.
  • Strong capabilities in gap analysis, review and validation of relevant security, privacy and regulatory requirements.
  • Excellent communication, teamwork and client service skills.
  • Strong presentation and project management skills.
  • Aptitude to prioritize and execute on functional work efforts concurrently.
  • Results-oriented person who can achieve tangible improvements in the corporate security arena.
  • Demonstrated integrity within a professional environment

Robert Half International Inc. is an Equal Opportunity Employer. M/F/Disability/Veteran

As part of Robert Half's corporate facility employment process, any offer of employment is contingent upon successful completion of a background check.

You may apply for this position online, or by mail. Robert Half is committed to being an equal employment employer offering opportunities to all job seekers including individuals with disabilities.

In your email please include the following:


  • The specific accommodation requested to complete the employment application
  • The location(s) (city, state) to which you would like to apply.


Valid Through: 2019-9-16