Sr Manager Data Protection, Privacy & Security
Requirements:
Professionals with at least 5 years of experience in Risk and Compliance; Privacy and Data Protection; Security/ Cybersecurity; Assessment and Audit.
Experience with:
- Designing or implementing enterprise privacy programs or program components
- Understanding, designing or assessing control environments
- Performing privacy risk evaluations and/or “gap” assessments using legal, regulatory or contractual frameworks and authoritative standards (e.g. GAPP, Safe Harbor )
- Performing compliance assessments or audits (e.g. SOC-2 Security or Privacy, GLBA, PCI, Consent Agreement mandated audits, etc.)
- Assessment and compliance report writing including findings and recommendations for presentation to management and stakeholders
- Third party privacy risk assessment and/or due diligence processes
- Knowledge of US Privacy Law: GLBA, FCRA, COPPA, CAN-SPAM,
- Knowledge of international privacy legal constructs (e.g. EU GDPR, PIPEDA, etc)
- Understanding of cross-border data transfer and the interaction with or impact on business processes, operations and IT.
- Business process analysis and data-mapping
Prior Big 4 or consulting experience preferred
Excellent verbal and written communication
Experience with Microsoft Office Suite including Visio
Travel required
Relevant Certifications:
- CISSP
- CIPP, CIPP/IT, CIPP/*
- CISA/ CISM
- CPA/ CIA