Job Description

Description:

Seeking a Sr. Data Security Strategist who will be responsible for studying the uses of PII(personal identifiable info) data, work with the Sr. Data Privacy Analyst to understand the lifecycle of data, identify the gaps in the controls then determine how to secure it. This position will also be involved in Data Privacy and Security Risk Management program to assist with identifying Data Privacy and Security Risks then evaluating and designing People, Process and Technology Controls, Countermeasures or Compensating Controls to ensure PII data is secure.

The ideal person will have a technical background within security to understand how things should be fixed and experience on how to effectively deploy the changes in an environment.

Core Responsibilities Privacy and Risk Management Strategic Planning • Conduct gap analysis and assessment of privacy and risk Management programs • Develop a strategic roadmap to evolve the privacy and risk management programs

Privacy Governance and Reporting • Develop continuous improvements to privacy governance • Enforce Policies and Procedures • Review Policies and Procedures quarterly to ensure accuracy • Provide regular program status reports and metrics to management • Fulfill internal and external program audits or assessments • Assist in the development and delivery of privacy training and awareness • Participate in external data privacy-related organizations to share and collaborate on best practices

Risk Management • Planning, designing and implementing an overall risk management process for privacy. • Conduct quarterly privacy risk assessments to ensure all risks to protected customer information are documented. • Prepare quarterly “Top 5 Risks” report for the Confidentiality Committee • Develop continuous improvements to the Risk Management Program

Privacy Impact Assessments • Conduct privacy impact assessments to assess and mitigate risks related to processing, transmission and storage of PII data • Determine specific privacy-related requirements and potential vulnerabilities. • Participate in new business initiatives and product development activities to identify and escalate privacy considerations. • Manage the privacy impact assessment process • Conduct regular privacy impact assessments to ensure that privacy policies are being adhered to

Privacy Compliance Monitoring • Ensure that business units, IT and vendors are complying with privacy program and meeting privacy policy requirements and address privacy concerns. • Collaborate with and assist business units and IT to develop corrective action plans for identified privacy compliance issues. • Continuously monitor the status and effectiveness of privacy controls • Ensure privacy-related key risk indicators are effectively monitored to prevent an unacceptable impact on business objectives and reputation. • Lead and coordinate business group privacy activities, which include implementation and adherence to policies in data privacy and security • Assist with implementing privacy and data protection requirements, including Privacy by Design architecture

Personally Identifiable Information (PII) Inventory and Usage • Support the creation of an inventory that documents how personal data is collected, shared and used. • Continually update and re-evaluate the extent to which customer and employee information is collected and shared internally and externally. • Monitor the data request and usage processes matters for personal data • Maintain registry of data stores and processes that affect personal information from associates Qualifications

1. Minimum of a Bachelor’s Degree, but an advanced degree is desirable
2. Minimum 10 years of experience in data privacy program development and management
3. Minimum 8 years of professional experience within the financial services industry, preferably automotive captive-finance or consumer banking
4. Demonstrated knowledge of data privacy requirements that are relevant to the operation of a financial services company
5. Well-rounded understanding of general financial services processes, related operations, technology, compliance and audit functions
6. Ability to work with key business and technology stakeholders to develop and implement solutions to ensure that appropriate data privacy standards and practices are in place
7. Strong program or project management skillset with working experience to manage concurrent initiatives
8. Demonstrated ability to understand and articulate the complexity of business processes, and build/develop practical communications plans based upon those needs
9. Demonstrated ability to translate business needs into technical requirements
10. Prior data privacy-related consulting experience from a top tier consultancy focused on the Financial Services industry is beneficial
11. Experience with incident root cause analysis, process improvement or business continuity management a plus

Professional Skills Requirements

1. Excellent communication (verbal and written), facilitation, and interpersonal skills, including the ability to face off across all levels of an organization
2. Inquisitive, adaptive, and agile learner
3. Data steward, understands ownership and protection using people process and technology.
4. A hands-on privacy practitioner with the ability to shift between operational and strategic mindsets
5. Highly motivated self-started with the ability to work collaboratively and independently
6. Demonstrated ability to navigate unstructured processes and to simultaneously manage responsibilities of multiple/concurrent work streams and competing demands
7. High emotional intelligence, flexible, and resilient
8. Demonstrated competency in thinking strategically, analytically, conceptually, and innovatively, including the ability to synthesize and analyze data
9. Ability to flourish in a challenging, fast-paced, constantly evolving environment, operate with high standards and integrity, and exhibit excellent multi-tasking skills
10. Demonstrated ability to build relationships, establish trust, and form effective alliances across teams and functions to ensure optimal end-to-end delivery
11. Demonstrated commitment to high quality and attention to detail
12. Demonstrated ability to work cross-functionally with multiple stakeholders and competing priorities

Company Description

TenTek has been in business since 1989, and is recognized as a leading staffing provider of tech professionals to a growing client base.