Job Summary
As the Senior Manager of Privacy & Data Protection, reporting to the Director of Risk & Compliance, you will be leading and overseeing Atlas' privacy program, ensuring compliance with global data protection regulations, and protecting the privacy rights of customers, employees, and stakeholders. As a key member of the Risk & Compliance team, you will be developing and implementing privacy policies, managing data privacy risks, and providing strategic advice on privacy-related matters. You will work and partner with various departments, including Legal, IT, HR, Operations, Entity Compliance and other business areas globally across the firm, to ensure that all business practices align with the highest standards of privacy and data protection.
Key Responsibilities
Privacy Program Management
Develop, implement, and manage the organization's privacy program, including policies, procedures, and training programs, to ensure compliance with applicable data protection laws (e.g., GDPR, CCPA, HIPAA).
Lead the creation and maintenance of privacy frameworks, ensuring they are aligned with industry best practices and regulatory requirements.
Oversee privacy risk assessments, including Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs), and ensure that identified risks are mitigated.
Compliance & Regulatory Oversight
Monitor and analyze privacy laws, regulations, and industry standards, ensuring the organization's privacy program remains up-to-date and compliant with current legal requirements.
Coordinate and manage responses to regulatory inquiries, audits, and investigations related to data privacy.
Ensure that privacy notices, consent forms, and other related documents are accurate, transparent, and compliant with relevant laws.
Data Subject Rights Management
Oversee the management of data subject requests, including requests for access, correction, deletion, and portability of personal data.
Develop processes and procedures to ensure that data subject rights are respected and managed in a timely and compliant manner.
Incident Response & Data Breach Management
Lead the organization's response to data breaches, including investigation, containment, notification, and remediation efforts.
Collaborate with the IT and security teams to ensure that data incidents are handled effectively and reported to relevant authorities when required.
Training & Awareness
Design and deliver privacy training programs for employees and contractors to ensure awareness and understanding of privacy obligations.
Develop and implement privacy awareness initiatives to foster a culture of data protection and privacy within the organization.
Stakeholder Engagement
Act as a key point of contact for privacy-related inquiries from internal and external stakeholders, including customers, partners, and regulators.
Collaborate with cross-functional teams to integrate privacy by design and by default into all business processes, systems, and products.
Provide strategic guidance to senior management on privacy risks, trends, and best practices.
Qualifications
Education
Bachelor's degree in Law, Information Security, Business Administration, or a related field. A Master's degree or Juris Doctor (JD) is preferred.
Experience
Minimum of 7-10 years of experience in privacy, data protection, or a related field, with at least 3 years in a senior or managerial role.
In-depth knowledge of global privacy laws and regulations, including GDPR, CCPA, and HIPAA.
Proven experience in developing and managing comprehensive privacy programs within a corporate environment.
Certifications
Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), or similar certifications are highly desirable.
Skills
Strong understanding of privacy principles, data protection laws, and regulatory requirements.
Excellent project management and organizational skills, with the ability to manage multiple priorities in a fast-paced environment.
Strong analytical and problem-solving skills, with the ability to think strategically and address complex privacy issues.
Exceptional communication and interpersonal skills, with the ability to influence and collaborate with stakeholders at all levels of the organization.
Proficiency in privacy management software, data protection tools, and Microsoft Office Suite.
#J-18808-Ljbffr