Primary Responsibilities: The candidate will be responsible for Privacy and Compliance Strategy Planning, which may include the following: Conduct gap analysis and assessment of privacy and risk Management programs, develop a strategic road map to evolve the privacy and risk management programs and fulfill internal and external compliance and privacy audits or assessments. This candidate should have exposure to U.S. privacy and data protection laws and regulations, fair information practices and core privacy and data protection principles, direct marketing techniques, workplace monitoring, financial privacy requirements, online privacy, and information security. Additionally, should be able to work with little supervision while supporting data/security privacy programs as part of the security response team. Good written communication skills required as this person will be responsible for preparation of formal reports and interfacing with key department members to promote data privacy.
Summary of Duties:
- Privacy and Risk Management Strategic Planning
- Conduct gap analysis and assessment of privacy and risk Management programs
- Develop a strategic roadmap to evolve the privacy and risk management programs
- Develop continuous improvements to privacy governance & risk management program
- Enforce Policies and Procedures
- Provide regular program status reports and metrics to management
- Fulfill internal and external program audits or assessments
- Assist in the development and delivery of privacy training and awareness
- Participate in external data privacy-related organizations to share and collaborate on best practices
- Planning, designing and implementing an overall risk management process for privacy.
- Conduct privacy impact assessments to assess and mitigate risks related to processing, transmission and storage of PII data specific privacy-related requirements and potential vulnerabilities, including managing the privacy impact assessment process
- Participate in new business initiatives and product development activities to identify and escalate privacy considerations.
- Collaborate with and assist business units to develop corrective action plans for identified privacy compliance issues.
- Continuously monitor the status and effectiveness of privacy controls
- Ensure privacy-related key risk indicators are effectively monitored to prevent an unacceptable impact on business objectives and reputation.
- Lead and coordinate business group privacy activities, which include implementation and adherence to policies in data privacy and security
- Assist with implementing privacy and data protection requirements, including Privacy by Design architecture
- Support the creation of an inventory that documents how we collect, shares and uses personal data. (Personally Identifiable Information (PII) Inventory and Usage)
- Continually update and re-evaluate the extent to which customer and employee information is collected and shared internally and externally.
- Monitor the data request and usage processes matters for personal data across
- Maintain registry of data stores and processes that affect personal information from associates and customers.
- Participate in security and privacy incident investigations, incident tracking, response plans, and activities related to security and privacy.
- Minimum of a Bachelor’s Degree or equivalent experience
- Minimum 5 years of experience in data privacy program development and management
- International Association of Privacy Professionals (IAPP) Certification – CIPP, CIPM or CIPT ( IS A PLUS )
- Ability to work with key business and technology stakeholders to develop and implement solutions to ensure that appropriate data privacy standards and practices are in place
- Strong program or project management skillset with working experience to manage concurrent initiatives
- Demonstrate ability to understand and articulate the complexity of business processes, and build/develop practical communications plans based upon those needs
- Demonstrated ability to translate business needs into technical requirements
- Experience with OneTrust Tool, Data Crawler Tools ( IS A PLUS )
- Prior data privacy-related consulting experience ( IS A PLUS )
Professional Skills Requirements
- Excellent communication (verbal and written), facilitation, and interpersonal skills, including the ability to face off across all levels of an organization
- Inquisitive, adaptive, and agile learner
- A hands-on privacy practitioner with the ability to shift between operational and strategic mindsets
- Highly motivated self-started with the ability to work collaboratively and independently
- Demonstrated ability to navigate unstructured processes and to simultaneously manage responsibilities of multiple/concurrent work streams and competing demands
- Demonstrated competency in thinking strategically, analytically, conceptually, and innovatively, including the ability to synthesize and analyze data
- Ability to flourish in a challenging, fast-paced, constantly evolving environment, operate with high standards and integrity, and exhibit excellent multi-tasking skills
- Demonstrated ability to build relationships, establish trust, and form effective alliances across teams and functions to ensure optimal end-to-end delivery
- Demonstrated commitment to high quality and attention to detail
- Demonstrated ability to work cross-functionally with multiple stakeholders and competing priorities
Epson America, Inc. is an Equal Opportunity/ Affirmative Action Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, disability and protected veteran status, as well as any other characteristic protected by federal, state or local law.