Privacy Compliance Manager
Employment Type : Full-Time
The role will serve as a privacy resource to the organization regarding all privacy related issues. In this role, the manager will assist the Director of Global Information Security Risk, Compliance, and Privacy in partnering with the Legal department to build a privacy program that defines, develops, maintains, and implements policies and processes that enable consistent, effective privacy practices. They will also ensure the organization complies with statutory and regulatory requirements and standards regarding information storage, access, security and privacy. The ideal candidate will have a track record in the implementation of privacy requirements, collaborate with all lines of business and across all functional areas within CareerBuilder to develop creative approaches to complying with global data protection laws.
Essential Responsibilities:
- Drive the identification, implementation, and improvement of the organizational privacy strategy, framework, and standards globally.
- Maintain current knowledge of applicable global, federal and state privacy laws and accreditation standards.
- Develop comprehensive knowledge of global privacy obligations, processes, best practices, and solutions.
- Coordinate with internal teams and Legal to process, track, investigate and report inappropriate access and disclosure of personal Information.
- Develop or assist with the development of privacy training materials and other communications to increase employee understanding of privacy policies, data handling practices and procedures, and legal obligations.
- Interacting with product, legal, and other cross-functional teams, perform policy and contract analysis and represent Risk and Compliance in contract negotiations between CareerBuilder and its strategic partners.
- Review and approve contract terms; advise the Legal and other teams as appropriate on policy related contractual risks.
- Provide support and consultation to key stakeholders on significant product updates and launches to ensure compliance with policy standards and practices.
- Own and manage security and privacy compliance projects across multiple teams including product, engineering, operations and IT.
- Perform regular privacy and security compliance audits to better understand and address potential operational gaps within the organization.
- Develop and implement processes to identify and address evolving privacy risks inherent in the organization’s operations, and in the development of new products, services and technologies.
- Define, enable and manage processes for data subject/individual rights and requests, and ongoing tracking and monitoring of such processes and requests.
- Provide “privacy by design” counseling to cross-functional teams for new products and initiatives.
- Define and maintain privacy related management information to assist with reporting and demonstrating accountability to relevant stakeholders.
- Assist in managing the planning, designing, writing, and finalization of policies, control framework and procedures to comply with NIST guidelines.
Job Requirements:
- Proficiency with Microsoft Office Applications (Outlook, Word, Excel, etc.)
- Good interpersonal skills
- Understanding of records, information management, and data protection laws, regulations, and best practices.
- Knowledge of applicable practices and laws relating to data privacy and protection.
- Subject matter expertise with security and compliance lifecycles and industry frameworks, standards, and guidelines (NIST, FISMA, ISO, COBIT, ITIL).
- Experience and expertise in the development, execution, and maintenance of HITRUST compliance or equivalent HIPAA Experience.
- Must be able to build and leverage internal and external relationships, facilitate decisions and results at all levels of the enterprise, and drive strategies and projects to solution.
- Demonstrated analytical and problem-solving skills applied to both technical and business challenges.
- SDLC operational lifecycle familiarity.
- Ability to relate regulatory or framework requirements to multiple parties including engineering staff of both hardware and software.
- Experience in strategic planning, budgeting, consulting, and general industry experience.
- Proficient ability to react to high pressure dynamic changing environments.
- Proficient ability to effectively utilize resources throughout the organization as well as external vendors.
- Demonstrated effective leadership and communication skills.
- Experience working in a team-oriented, collaborative environment.
- Demonstrated results orientation, initiative, attention to detail, and customer service orientation.
- Excellent written, verbal and presentation communication skills.
- Obtained or demonstrates an active pursuit of one or more of the following certifications: CISM, CISA, CGEIT, CRISC certifications, Project Management Professional (PMP) or other related certifications.
Supervisory Responsibilities:
NO
Education:
- Bachelor’s degree in Computer/Information Science (or related BS degree).
Minimum Years of Experience:
- 3-7 years of experience in privacy regulations (e.g. GDPR, HIPAA, CCPA, PIPEDA, etc.) and demonstrable experience in the interpretation of and compliance with such regulations in a complex business environment.
- Five (5) years of experience managing global privacy programs with familiarity of global data protection law and associated frameworks (GDPR, CCPA, APEC CBPR, HIPAA, AICPA Privacy Maturity Model, NIST frameworks, ISO frameworks, etc.)
- 3-5 years' Project Management experience to include Participation in life cycle project implementations (from scoping/planning, requirements gathering, design, development, testing, launch and support).
This position will work with confidential and proprietary information that requires a signed Employee Non-Disclosure Agreement upon hire.
Physical Demands:
- Frequent phone and computer use
- Creating written communications
- Able to sit/stand at a desk
CareerBuilder employees are currently remote. We do have offices based in Chicago and Atlanta. When it is safe to return to the office, you will have the ability to continue to be remote or utilize the Chicago or Atlanta offices as determined by your manager.
Benefits-We’re All About You!
When you're focused on the goal, not the path – you can be more flexible, and that translates into more productive and satisfied employees. From flexible hours to volunteering during work hours to diverse education opportunities, CareerBuilder is committed to helping employees strike a balance.
Here are just some benefits we offer:
- Comprehensive Medical, Dental & Vision, Life & Disability Programs
- Option to enroll in supplemental Life, AD&D, Accident, Critical Illness, Home & Auto, Transit and Legal Programs
- Parental support including paid maternity and parental leave, Milk Stork, Healthy Pregnancy Program and Fertility Support Services
- Education Reimbursement Program allowing up to $5k per year towards completion of a Bachelor’s and non-MBA graduate degree, and up to $10K per year towards completion of an MBA
- Wellness Support & Initiatives
- Employee Assistance Program with free counseling sessions
- Wellness/Tobacco Free credits towards medical premiums
- Summer Fridays off in July and August; Thoughtful Fridays (no internal meetings) the rest of the year
- On-site meditation rooms
- 401(k) Program with a two year vesting schedule, discretionary match, and an opportunity to make Pretax and Roth contributions. Financial educational webinars and individual retirement planning advising available.
CareerBuilder, LLC is proud to be an Equal Opportunity Employer. Applicants are considered for all positions without regard to race, color, religion, sex, national origin, age, disability, sexual orientation, ancestry, marital or veteran status.
TSR ID: 002235