Sr. Director - Privacy Programs
Company: Gateway Recruiting, INC.
Posted on: May 16, 2022
Job DescriptionPosition Summary: The Sr. Director is a key
member of the Legal, Compliance, and Corporate Affairs (LCC)
function and leads the global privacy programs and their
operational management. The Director works with colleagues across
businesses and corporate functions (including Legal, Information
Security, Global Security, Procurement, etc.) to provide global
privacy policies, procedures, and programs which are operationally
executed via an integrated regional/local resource network for
privacy compliance, timely business engagement, and enacting
solutions to issues as they arise. This position is responsible for
collaborating with different business units and jurisdictions,
leading program initiatives, and setting the company's strategic
priorities for successful privacy programs' compliance and
- Define and execute a strategic roadmap and privacy program
ensemble for the company to enable improved privacy decision-making
at a business level, maintain privacy compliance globally, and
operate global privacy programs effectively through an integrated
legal resource network.
- Enhance global privacy policies, SOPs, and procedures/work
instructions to be principle-based, operationally executable by an
integrated resource network, compliant with all regulatory and
legal requirements, and socialized with alignment to an effective
global privacy programs strategy.
- Provide tailored and specific privacy guidance via
operations-driven procedures to regions, affiliates, and businesses
to enable business-led decisions, understanding, and compliance
with global privacy policies, regionally/locally.
- Advise on the design and evaluation of privacy-related projects
so that business development, R&D, marketing and sales, and
related business activities are equipped with fit-for-purpose
privacy principles to act upon.
- Lead privacy officers, associates, and others to ensure
consistent application of company global privacy policies while
addressing local requirements.
- Educate, communicate, and integrate privacy understanding
across the company via program training, communique, and internal
- Provide direction and program guidance for privacy impact
assessments, mitigation plans, reporting, data analytics, audits,
strategies for the business areas to mitigate risks (including
processing personal information, retail and OTC issues, and
third-party access), KPIs, KPRs, etc.
- Provide regular education and communication on privacy
practices, programs, and policies to new hires, existing teams,
externals, and executives.
- Manage associated privacy incident response processes and
maintain records of incidents and remedial action.
- With legal supervision as needed, negotiate business agreements
and/or advise contracting teams on business capabilities, risk
tolerance, and privacy compliance in view of privacy obligations
- Work directly with federal and state regulators to address any
regulatory concerns about the Privacy program and to provide notice
and reporting in the event of a disclosable incident or
- Ensure company privacy policies are current, updated as
required, and properly reflect legal requirements across
jurisdictions in consultation with colleagues and resources,
internal and external.
- Monitor and lead privacy programs to measure and ensure
operational compliance with company global privacy policies across
- Proactively partner with business personnel to identify and
address potential privacy compliance issues and develop solutions
that address the needs of both the business and customers while
satisfying regulatory requirements.
- Collaborate with corporate audit services (CAS) and others to
establish an internal and external privacy audit program.
- Provide support to and directly assist the integrated network
in regional and global privacy projects, education, and program
execution to strengthen privacy programs, education, and business
compliance regionally/locally.Basic Qualifications:
- A bachelor's degree is required.
- Minimum of 8 years working in privacy programs and their
operational execution in a robust corporate environment with at
least two years as lead or deputy, having key responsibility for a
demonstrably stable program.
- Deep knowledge and at least two years of operating a global
privacy program having globally consistent policies which are
deployed via a regional/local integrated resource network affecting
enhanced business decisions and privacy engagement.
- Prior experience building, leading and maintaining privacy and
compliance programs, embracing a principle-based approach, where
privacy matters may be accommodated and handled regionally/locally
via the Program's implementation, as aligned with the above.
- IAPP certification.
- Prior substantive direct experience with customers,
procurement, legal, etc. leading negotiations and finalizing
contractual terms internally/externally to resolve challenging
privacy terms and risk positions.
- Strong technical and technological understanding of data, data
rights, data protection, data privacy, and data-oriented strategies
- Operational experience architecting, executing, and leading
privacy programs that are team-based and business-led.
- Strong data and data analytics background including previous
experience in data-oriented reporting, data, and environment
modeling, predicting, and forecasting privacy events, etc., based
on specific data indicators and signals.
- Strong interpersonal, communication, and writing skills, with
exceptional experience in risk assessment and risk management.
- Prior successful experience working with legal counsel,
compliance staff, and business leadership to define global privacy
requirements, manage privacy program structure, measure program
success through data analytics, and routinely report on outcomes
with improvement strategies.
- Proven experience in running cross-functional projects and
managing programs involving PII, privacy audits,
multi-jurisdictional privacy matters, third-party data rights,
- Strong and active working knowledge of general privacy statutes
across primary jurisdictions, with specific knowledge/skills for
application and compliance strategies for animal health, digital,
business intermediaries, is preferred.
- Prior experience managing others directly and leading moderate
to large teams successfully as a project lead is required.
- Self-starter requiring minimal oversight or direct
- Proven team leader and team player who values each team member,
demonstrably mentors, and grows team members before self, and has
competently and professionally stepped in to assist members in
previous projects to ensure a successful team outcome inspiring a
theme of "winning as a team."
- The candidate must have proven project management experience
with strong judgment and analytical/problem-solving
skills.Additional Skills & Preferences:
- Additional education within ethics and compliance, business
operations with a project management focus, legal, and related
fields, is highly preferred.
- At least three years in animal health, pharmaceutical, or a
medical product / related industry, is preferred.
- CIPM and CIPT certifications are highly desired
- Green Belt or higher, Six Sigma, is preferred.
- Prior active engagement in assisting in early business
development opportunities involving digital ecosystems, encryption,
cybersecurity, and anthropomorphism, is highly desired.
- Project Management or advanced project management Certification
- Prior compliance management experience is desired.
- Management of 3 or more direct reports is preferred.Powered by
Keywords: Gateway Recruiting, INC., Indianapolis , Sr. Director - Privacy Programs, Executive , Indianapolis, Indiana
Didn't find what you're looking for? Search again!