The company is looking for a professional to manage and oversee privacy and product legal team programs, ensuring compliance with global regulations, data governance, and responsible AI principles across existing and future systems. This role aims to embed data privacy and security by design, manage data governance and retention, and implement responsible AI practices to mitigate risks and improve safeguards for information assets.
Requirements
- Technical and organizational skills and experience required to deploy and maintain records and data management tools and inventories as well to deploy data governance processes.
- Advanced skills using the tools and applications necessary for successful completion of the role’s duties, including the Microsoft Office 360 suite of applications, such as Teams and SharePoint, Visio or other tools needed to create data flow maps, and project management tracking applications, such as Asana and Jira.
- Demonstrates knowledge of, or quickly comes up to speed on, key privacy concepts and compliance obligations related to state, federal, and international privacy regulations and laws as they pertain to the company’s privacy program.
- Demonstrates knowledge of, or quickly comes up to speed on, key concepts pertaining to responsible AI and the regulatory landscape for development of AI technologies as well as the risks pertaining to internal use of enterprise AI.
- Advanced understanding of core privacy and data protection principles under the GDPR and/or CCPA, direct marketing techniques, online privacy, or information security.
- Hands-on experience working across teams on initiatives aimed at responsible AI principles or implementation of industry best practices within the realm of AI development and use.
- Strong skills and experience utilizing AI tools for business, such as creating operational efficiencies using OpenAI’s ChatGPT, or the willingness to learn and deploy AI technologies.
Responsibilities
- Conducting privacy risk assessments, business process assessments, privacy incident management, and data subject access requests.
- Maintaining inventory of enterprise AI use cases via the completion of AI Risk Assessments.
- Ensuring alignment between the company´s global cybersecurity, privacy, responsible AI, and data management practices and initiatives.
- Developing and maintaining mechanisms for complying with the GDPR’s Article 30 requirements for data processing logs.
- Developing and leads cross-functional initiatives to collect and maintain an inventory of all internal tools and systems and assigns relevant assessments to business teams where appropriate; flags risks for high-impact systems that have not been approved by all appropriate assessment mechanisms.
- Implementing and oversees appropriate mechanisms for privacy and marketing compliance on the company’s websites and those of its third-party data processors and data brokers, including the use of cookie settings and consents, do-not-sell, opt-ins, webforms, and user preference centers.
- Collaborates with teams in Legal, Information Security, and Information Technology to identify, document, and mitigate privacy and compliance risks through the implementation and maintenance of a centralized risk register.
Other
- Responsible for tactical, operational management of all programs overseen by the Privacy and Product legal team to align with business priorities while ensuring compliance.
- The position will coordinate across senior-level business, engineering, IT, and system administration stakeholders to implement programmatic measures for a variety of initiatives.
- This role will navigate between strategic business objectives and systems/process concepts from the perspective of compliance with current and developing global regulations, governance, and industry best practices.
- Drives appropriate preventive, detective, and remedial controls for privacy risks across the organization as well as for evolving AI regulations.
- Assists with developing and executing data protection, governance, and data management initiatives for cross-functional teams.
