Job Summary:

• Create a privacy program for the company defining, developing, maintaining and implementing procedures that enable consistent, effective privacy practices and minimize risk, ensuring confidentiality of protected information
• Working with senior management, security and corporate compliance officers to govern the privacy program
• Collaborate with information security and technology teams to ensure that security and privacy concerns are aligned
• Establishes an ongoing program to track, investigate and report inappropriate access and disclosure of protected data.
• Perform initial and periodic information privacy risk assessment, analysis, mitigation and remediation activities
• Create and maintain appropriate privacy and confidentiality consents, authorization forms and information notices and materials reflecting current organizational and legal requirements and practices
• Oversee, develop, and deliver initial and ongoing privacy training to employees
• Work with other organizational units to oversee rights of customers to inspect, amend and restrict personal data
• Manage all breach determination and notification processes under applicable federal and state laws
• Maintain current knowledge of all applicable federal and state privacy laws
• Work with the organization’s administration, legal counsel, and others to represent the organization’s information privacy interests with external parties

Skills on Resume: 

• Privacy Compliance Knowledge (Hard Skills)
• Risk Assessment (Hard Skills)
• Cross-Functional Collaboration (Soft Skills)
• Training Development (Soft Skills)
• Incident Management (Hard Skills)
• Documentation (Hard Skills)
• Analytical Skills (Hard Skills)
• Stakeholder Engagement (Soft Skills)

Job Summary:

• Assist the DPO in developing, implementing, maintaining, and monitoring privacy and data protection policies, processes, and controls.
• Provide advice and guidance to colleagues on all aspects of privacy and data protection.
• Liaise across core functional departments within the charity (such as HR, Operations, Digital, and Procurement) in relation to the relevant policies, procedures, processes, and initiatives to ensure compliance.
• Foster a positive data protection culture across the organization.
• Oversight of the charity’s data processing register, ensuring that it is complete, fit for purpose and is reviewed on a regular basis.
• Assigning ownership and accountability for data assets to relevant stakeholders across the charity to maintain a record of all data processing activities within the charity.
• Conduct audits to ensure privacy and data protection compliance and proactively address potential privacy and data protection issues
• Cooperate with federal and state regulators in compliance reviews or investigations
• Serve as an information privacy resource to the organization regarding release of information and to all departments when privacy issues arise
• Maintain controls documentation with SMEs and ensure compliance with Internal and External Audit.
• Provide guidance and advice to the organization with current information on related regulatory issues and compliance technologies.

Skills on Resume: 

• Policy Development (Hard Skills)
• Advisory Skills (Soft Skills)
• Interdepartmental Liaison (Soft Skills)
• Data Protection Culture Promotion (Soft Skills)
• Data Processing Oversight (Hard Skills)
• Accountability Assignment (Soft Skills)
• Compliance Auditing (Hard Skills)
• Regulatory Cooperation (Soft Skills)

Job Summary:

• Provide guidance and lead the identification, implementation, and maintenance of information policies and procedures in coordination with appropriate organization management and administration for privacy.
• Perform gap and readiness assessments for compliance obligations focused on privacy (i.e. Privacy assessments, EU SafeHarbor/ Privacy shield, Global Data Protection Regulation, ISO 27018, etc)
• Agree objective, goals, and scope of the project with senior management. 
• Obtain management support and commitment of resources for the assessment
• Build audit programs, including audit plan, process, scope, procedures, questionnaires and schedules
• Assess the adequacy of existing policies, processes, and controls against the requirements of the compliance obligation
• Work with management to draft and implement remediation plans to mitigate identified issues and risks, and improve processes and controls
• If working with staff, review staff output, provide guidance on project's next steps, and supervise and guide staff in working with internal customers
• Perform periodic privacy audits of websites, products, applications, operations and environments for adherence to corporate privacy policies and guidelines.
• Work closely with Legal department and/or external consultants to ensure the organization is up-to-date on privacy requirements, identify areas of concern, develop the relevant solutions, provide management response, track progress and drive actions to completion.
• Enforce compliance with policies and standards in conjunction with internal audit, developing, managing and monitoring security over business processes.

Skills on Resume: 

• Policy Implementation (Hard Skills)
• Compliance Assessment (Hard Skills)
• Project Management (Soft Skills)
• Resource Coordination (Soft Skills)
• Audit Program Development (Hard Skills)
• Policy Evaluation (Hard Skills)
• Remediation Planning (Soft Skills)
• Legal Collaboration (Soft Skills)

Job Summary:

• Manage and perform internal audits and benchmarking assessments for compliance with laws/regulations.
• Respond to privacy and data protection-related inquiries from a wide range of groups across the company and provide actionable advice and legal counsel regarding the same
• Partner with the CTO and Legal Team to draft, develop, implement and maintain privacy policies, procedures, notices and guidelines. 
• Direct and collaborate with in-house counsel on negotiating privacy and data protection-related provisions of commercial and technology contracts, including vendor/service provider agreements, customer agreements, data transfer and data protection agreements.
• Provide proactive guidance on the potential business impact of GDPR, the ePrivacy Directive and other international privacy and data security laws and regulations.
• Assist with data breach readiness planning and response.
• Monitor changes in applicable privacy laws and prepare updates and communicate with internal clients to keep them abreast of these developments.
• Support the growth of new business opportunities by analyzing privacy implications of new products and services and providing guidance on minimizing privacy compliance risk, and conducting risk assessments related thereto.
• Develop guidelines, training and tools to support accountability and compliance across the organization.
• Work with the company’s Compliance, Regulatory, Risk Management, IT and Information Security functions
• 
  

Skills on Resume: 

• Internal Audit Management (Hard Skills)
• Inquiry Response and Legal Counsel (Soft Skills)
• Policy Development (Hard Skills)
• Contract Negotiation (Hard Skills)
• Regulatory Guidance (Soft Skills)
• Data Breach Planning (Hard Skills)
• Legal Compliance Monitoring (Hard Skills)
• Risk Assessment (Hard Skills)

Job Summary:

• Support the DPO in the implementation of the Data Protection Policy and the Data Protection Framework.
• Promote a data protection culture within the company by providing advice and support on privacy issues to business teams and the European offices.
• Maintain all the company’s systems, controls, processes, tools and documentation that enable all the company's data processing activities to comply with GDPR and national data protection legislation in the European countries in which it operates. Eg, Records of Processing database, and procedure documents.
• Handle and respond to all data subject requests and maintain appropriate records of them.
• Undertake all Data Protection Impact Assessments (DPIAs) and record all of them in a central location.
• Draft and review privacy notices and other non-contractual documents related to privacy.
• Identify staff training needs, preparation and delivery of training and communication material.
• Review and advise on privacy provisions in commercial contracts, including in relation to international transfers.
• Handle and respond to ad hoc inquiries on data protection from business teams, the European offices and outsourced providers.
• Obtain legal advice on points of law where necessary.
• Keep abreast of regulatory and technological developments in data protection.

Skills on Resume: 

• Data Protection Policy Implementation (Hard Skills)
• Privacy Advisory Support (Soft Skills)
• Compliance Management (Hard Skills)
• Data Subject Request Handling (Hard Skills)
• DPIA Management (Hard Skills)
• Privacy Documentation Drafting (Hard Skills)
• Training Development (Soft Skills)
• Regulatory Awareness (Hard Skills)

Job Summary:

• Support the business groups with data protection needs through comprehensive guidance on the use of personal data
• Creation and optimization of private data protection guidelines, templates and other documents
• Planning, coordination and implementation of training courses and other private data protection events
• Collaborate with internal Business Application and Cybersecurity / Information Security Teams on privacy matters related to the organization's IT applications and systems
• Assist with the review of ongoing compliance of third-party vendors as related to data protection and the processing of personal data on behalf of the organization
• Support internal teams and external authorities in assessing any potential privacy incidents
• Development, implementation and maintenance of data privacy metrics and monitoring
• Partner with various internal teams on integration activities
• Ensure data privacy requirements are followed for new software applications and IT tools
• Provide advice and counsel regarding data protection matters

Skills on Resume: 

• Data Privacy Knowledge (Hard Skills)
• Document Creation (Hard Skills)
• Training Coordination (Soft Skills)
• Collaborative Approach (Soft Skills)
• Vendor Compliance Assessment (Hard Skills)
• Incident Assessment (Hard Skills)
• Metrics Development (Hard Skills)
• Software Compliance (Hard Skills)

Job Summary:

• Overseeing the data protection strategy of the digital car as well as its implementation to ensure compliance with BMW data privacy rules and China regulations and law. 
• Lead the initiative to clearly and repeatedly communicate of company’s policies and procedures to employees and business partners through training and awareness activities.
• Collaborate with the development team to ensure that privacy requirements are considered during the design phase of new technology and products. 
• Evaluate the regulatory landscape in the context of the ICV (Intelligent Connected Vehicle) and derive clear requirements to development and operation of related BMW functions and services.
• Identify and communicate risks for BMW's business
• Supervise the regular comprehensive completion of privacy impact assessments for all ICV-related BMW functions and services by BMW data privacy rules and China regulations and laws.
• Communicate with and influence the ICV data privacy regulation and standards on behalf of BMW China on all levels of governmental bodies, industry research associations and other relevant groups. 
• Review, implement and maintain effective data privacy policies, procedures, and practices.
• Review and update WVA Privacy Policy by audit/regulation updates
• Conducting due diligence across relevant third-party vendors to ensure Australian Privacy Act standards are met
• Manage privacy risks on org-wide risk register and implement and manage breach response for WVA, and manage responses with OAIC

Skills on Resume: 

• Data Protection Strategy Oversight (Hard Skills)
• Communication (Soft Skills)
• Collaboration (Soft Skills)
• Regulatory Evaluation (Hard Skills)
• Risk Communication (Soft Skills)
• Privacy Impact Assessment (Hard Skills)
• Policy Maintenance (Hard Skills)
• Vendor Due Diligence (Hard Skills)

Job Summary:

• Manage all elements of the company data privacy compliance program including risk assessment, policies and procedures, and investigations to provide risk-based guidance and support
• Ensure best-in-class compliance program by reviewing privacy program policies and practices against leading industry standards
• Assess potential and actual privacy incidents, and provide strategic input to North American and Global compliance initiatives related to data privacy risk
• Manage data privacy risk by understanding the business strategy and designing and implementing pragmatic controls
• Prepare reports and other deliverables with strategic, executive- and/or technical-based analysis and findings, communicating these results to senior management
• Ensure compliance by conducting project-based, privacy-related assessments and audits
• Provide risk-based guidance to business stakeholders at all levels of the organization regarding data privacy policy and procedure interpretation
• Draft, implement and maintain data privacy policies, procedures and other guidance documents
• Establish and lead a cross-functional data privacy network to identify and prioritize global privacy-related initiatives
• Lead the development and delivery of privacy communication and training to all relevant stakeholders by coordinating with training and communication teams.
• Develop and operate key performance index metrics to measure the effectiveness of the data privacy compliance program
• Protect CGI’s reputation by keeping information confidential

Skills on Resume: 

• Compliance Management (Hard Skills)
• Policy Review (Hard Skills)
• Incident Assessment (Hard Skills)
• Risk Management (Hard Skills)
• Strategic Reporting (Hard Skills)
• Privacy Audits (Hard Skills)
• Stakeholder Guidance (Soft Skills)
• Training Coordination (Soft Skills)

Job Summary:

• Provision of guidance related to privacy matters in partnership with Human Resources, Procurement, Information Security and Sales/Marketing teams
• Chairing the Group Privacy Steering Committee
• Monitoring compliance with the Group's Policies and Procedures and providing updates on the data protection compliance program to senior management
• Responsible for data mapping, carrying out regular audits and maintaining the data register
• Review or populate data processing agreements and EU standard contractual clauses
• Updating and rolling-out of training to staff to raise awareness of data protection and foster a data privacy culture within the Group
• Working with the Information Security team to ensure that systems and procedures comply with all relevant data privacy and protection laws, regulations and policy
• Cooperating with relevant supervisory authorities including in the event of any data breach which may need to be notified to the relevant authorities and to individuals (and assist with containment and mitigation of the breach)
• Advising in relation to data retention and deletion, particularly regarding HR files and employee data, including where held in offsite storage
• Assisting in relation to M&A due diligence and data privacy integration workstreams
• Supporting HR teams, including when responding to data subject requests and dealing with local regulators.

Skills on Resume: 

• Privacy Guidance (Soft Skills)
• Committee Leadership (Soft Skills)
• Compliance Monitoring (Hard Skills)
• Data Mapping (Hard Skills)
• Agreement Review (Hard Skills)
• Training Development (Soft Skills)
• Regulatory Cooperation (Soft Skills)
• Data Retention Advisory (Hard Skills)

Job Summary:

• Lead teams in the field and perform privacy assessment interviews, reporting, and delivery of regulatory assessments (HIPAA, GDPR, CCPA, GLBA, NIST, etc.), risk analyses, information inventory and data mapping, vendor management assessments, and additional privacy-related projects.
• Document and review assessment results and prepare project deliverables that reflect analysis and observations to be communicated to client management.
• Research, evaluate and communicate client privacy requirements and identify current posture against these requirements to internal team and clients.
• Contribute to the development of the team’s assessment methodologies that help increase assessment efficiencies.
• Develop and maintain privacy practices and methodologies that help support Focal Point’s privacy initiatives and project efficiencies.
• Lead and support clients in incident response management, including incident investigation, fact-gathering and documentation, and regulatory or state breach notification procedures.
• Actively participate in local privacy community (e.g., LinkedIn, local events, online forums), and assist in creating data privacy white papers on hot topics and current events that will provide guidance to current and potential clients.
• Continue to uplift org-wide knowledge on Australian privacy regulation and impacts including the facilitation education of WVA staff in privacy fundamentals
• Managing the cross-functional working group (privacy council)
• Ensure ongoing delivery of privacy knowledge across the organization and work with the business to ensure privacy by design is embedded across relevant business initiatives involving personal information
• Ongoing management of the flow and storage of personal data, internally & externally
• Develop reporting capability and operating rhythm for senior exec meetings

Skills on Resume: 

• Privacy Assessment Leadership (Hard Skills)
• Documentation and Reporting (Hard Skills)
• Client Privacy Requirement Evaluation (Hard Skills)
• Methodology Development (Hard Skills)
• Incident Response Management (Hard Skills)
• Community Engagement (Soft Skills)
• Privacy Education Facilitation (Soft Skills)
• Data Management Oversight (Hard Skills)

Job Summary:

• Develop a thorough understanding of products and services, and controls, policies, and procedures related to information security on-premises and in the cloud, including concerning risk management, organizational security, asset management, human resource security, physical and environmental security, communications and operations management, access control, change control, incident management, business resiliency, and mobile solutions 
• Manage the process regarding responses to client due diligence inquiries and make recommendations to senior members of the Legal 
• Department Create, maintain and update data protection templates and files
• Ensure the timely and accurate completion of requests from clients about information security policies, procedures, and controls, including proprietary and industry-standard due diligence questionnaires 
• Work closely with internal stakeholders throughout the company to draft appropriate and accurate responses to client due diligence questions 
• Manage the communication with client IT, risk, and internal audit employees to address follow-up due diligence questions 
• Manage the review, update, or testing of certain policies and procedures 
• Supervise, train, evaluate, oversee, and provide feedback to junior colleague 
• Perform ad-hoc work on special projects as necessary to support on various client and internal initiatives
• Maintain professional and technical knowledge by attending educational workshops, and professional publications, establishing personal networks, and participating in professional societies
• Contribute to the team effort by accomplishing related results and participating on projects

Skills on Resume: 

• Information Security Expertise (Hard Skills)
• Client Relations (Soft Skills)
• Policy Development (Hard Skills)
• Effective Communication (Soft Skills)
• Training and Mentorship (Soft Skills)
• Project Management (Hard Skills)
• Continuous Learning (Soft Skills)
• Team Collaboration (Soft Skills)