GDPR Project Manager
- Support s privacy compliance program and CCPA short / long term goals.
- Work collaboratively with Information Security and Risk Management to prioritize compliance and risk remediation efforts.
- Work with designated Data Privacy Officer (DPO), Information Security, Enterprise Technology and Legal Affairs departments to ensure consistent application of data privacy policies and practices.
- Ensure the successful development, implementation, and sustainment of CCPA compliance by allocating privacy resources and prioritizing compliance tasks such as data handling, retention, and deletion.
- Identify data compliance risks and improvement opportunities, working collaboratively with all stakeholders to address appropriate mitigation strategies.
- Schedule data privacy stakeholder interviews and Privacy Impact Assessments. Ensure the accuracy of interview documentation, record inventories, and understanding of data management practices.
- Track vendor management data processing procedures and process flows.
- Support consumer privacy training and awareness programs for stakeholders who handle personal information, and monitor completion progress.
- Monitor the alignment of privacy practices with regulatory requirements and track consent and control mechanisms, such as data subject access request intake and response, to provide for timely responses to requests to exercise rights.
- Report weekly on Key Performance Indicators (KPIs) and as needed for escalation purposes.
- Four-year degree in computer science or related combined work/education experience.
- Three to five years of experience managing information security compliance programs.
- A minimum of five years of project management experience in a corporate setting.
- Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or other equivalent certification in Data Privacy.
- Ability to analyze complex information and identify key and relevant points, including communicating in a relevant and easy-to-understand manner.
- Experience with NIST and ISO/IEC 27001 frameworks and audits.
- Familiarity with European Data Privacy requirements (e.g. GDPR) a plus.
- Strong verbal and written communication skills.
- Excellent interpersonal skills.
- Strong attention to detail, well-organized, and able to manage time efficiently.
- Team player with ability to deal effectively with individuals at all levels.
- High degree of initiative requiring little or no supervision, sound judgment, and the ability to prioritize assignments, solve problems, and meet deadlines.
- Ability to produce high-quality work in a timely fashion in a fast-paced environment.