We are seeking a strategic, highly-skilled privacy professional to provide tactical counsel on data privacy and information security matters and to build relationships with business partners in a collaborative environment. As a subject-matter expert on privacy and information security, the successful candidate will report to the Data Privacy Officer and will provide privacy and information security advice in support of Sabre’s global business. Focus will include regulatory compliance, contracting and operational risk management in data privacy, information security, incident response, technology, ecommerce, mobile applications, records management and vendor management.
Responsibilities and duties will include the following:
- Partner with Sabre’s business units to provide practical, expert advice on privacy issues related to complex business matters, commercial contracts, and to drive compliance with US and global privacy laws and regulations, including GDPR
- Guide and support Sabre’s business units on legal and regulatory requirements related to privacy, information security, and incident response
- Monitor and report on federal, state, and international laws and regulations as well as court decisions, industry guidelines, trade journals, and other relevant publications related to privacy, information security, and technology
- Assist in creating, identifying, implementing, and managing privacy, information security, and incident response policies, procedures, and guidance
- Respond to data subject complaints, data subject access requests, and related matters
- Support pan-Sabre privacy projects; perform Privacy Impact Assessments/Data Protection Impact Assessments; provide DPA contracting support; and facilitate integration of privacy, risk, and compliance requirements into business planning processes, including marketing and new product development
- Participate in the development, implementation, and ongoing compliance monitoring of vendor agreements to ensure privacy requirements and responsibilities are addressed
- Develop training materials (FAQs, playbooks, etc.) on privacy, information security and incident response
- Participate in the initial diligence, implementation and ongoing compliance monitoring of third party vendors to ensure privacy and security requirements are met and contractual obligations are honored.
- Initiate, facilitate, and promote activities to foster data privacy, information security, and incident response awareness within Sabre and among Sabre’s vendors and other appropriate third parties.
- Other responsibilities as assigned.
- Bachelor's degreerequired. JD and license to practice law strongly preferred.
- Strong knowledge of international privacy regulations required.
- CIPP certification strongly preferred.
- Five years (or more) experience focusing on privacy, data protection, information management, or information security in, or advising global organizations, working as an attorney or privacy manager/professional.
- Experience in global privacy matters required.
- Must demonstrate accountability, strong attention to detail and organizational skills, as well as excellent written and verbal communication skills.
- Must have the ability to handle multiple projects simultaneously, strong initiative, innovation, and creativity in finding solutions.
- Must have the demonstrated ability to influence and partner effectively with all levels of personnel and outside law firms.
- Proficiency in written and verbal communications in Englishrequired. Additionallanguage skillspreferred.