Data Privacy Engineer
United States
Colibri Group
Colibri Group has become the most admired professional learning company in the world, our group is proud to present our 5 million experts and partners...
At Colibri Group, culture is a critical part of our collective success, and we live our values everyday: Love, Joy, Boldness, Teamwork, and Curiosity. These values guide our interactions with each other, our customers, and the community.
Data Privacy Engineer
Colibri Group is seeking a data privacy engineer who will be responsible for ensuring the protection and security of sensitive information within Colibri Group and subsidiaries. The job involves implementing and maintaining data privacy policies, procedures, and technologies to safeguard data against unauthorized access, breaches, and misuse.
What you'll do
Data Privacy Engineer
Colibri Group is seeking a data privacy engineer who will be responsible for ensuring the protection and security of sensitive information within Colibri Group and subsidiaries. The job involves implementing and maintaining data privacy policies, procedures, and technologies to safeguard data against unauthorized access, breaches, and misuse.
What you'll do
Oversight
- Oversee the company’s privacy and security compliance program including maintaining and updating policies and guidance, risk assessments, training materials and other resources.
- Ensure data privacy and security are considered at the outset of new data partnerships, vendor relationships, projects, products, and initiatives.
- Provide guidance on potential opportunities and/or partnerships, identifying legal and regulatory concerns and continually improving processes and procedures.
- Handle inquiries and issues related to data privacy and security practices, including but not limited to responding to costomer requests to exercise their various rights.
- Ensure Record of Processing Activities is maintained.
- Ensure that the sub-processors list is maintained.
- Ensure that clients are notified about subprocessor changes.
Policy Development
- Develop and enforce data privacy policies and procedures in accordance with applicable laws and regulations.
- Collaborate with legal and compliance teams to ensure alignment with privacy laws and industry standards.
Risk Assessment
- Conduct data privacy impact assessments (DPIA’s) to identify and mitigate potential risks associated with data processing activities.
- Evaluate existing systems and processes to identify vulnerabilities related to data privacy.
Data Mapping and Classification
- Identify and classify sensitive data within the organization.
- Create data maps to understand how and where sensitive information is stored, processed, and transmitted.
Privacy by Design
- Work with software and systems architects to integrate privacy measures into the design and development of applications and systems.
- Promote a privacy-by-design approach to ensure data protection from the initial stages of product development.
Privacy by Default
- Whenever possible, promote a user privacy-friendly approach that favors and respects users’ privacy even in jurisdictions that do not demand it.
- Promote a privacy-by-default approach to ensure data protection from the initial stages of product ideation.
Incident Response
- Develop and implement incident response plans for data breaches or privacy incidents.
- Investigate and analyze security incidents, providing recommendations for improvement.
Compliance Monitoring
- Monitor compliance with data protection laws, regulations, and organizational policies.
- Conduct regular audits to ensure adherence to privacy standards.
Training and Awareness
- Develop data privacy training campaigns for employees on data privacy best practices.
- Raise awareness about the importance of data privacy across the organization.
Vendor Management
- Evaluate and manage third-party vendors to ensure they comply with data privacy requirements.
- Review and negotiate privacy terms in contracts with external partners
Data Subject Requests
- Manage and respond to data subject access requests (DSARs and RTBD) in compliance with relevant privacy laws.
- Ensure transparent communication with data subjects regarding the processing of their personal information.
Continuous Improvement
- Stay informed about evolving privacy laws and industry trends.
- Continuously assess and enhance the organization's data privacy program.
Qualifications for this Position
- Expertise in EU and US-based data privacy and security laws and practices preferably as it relates to data aggregators and marketing use of data.
- Familiarity with CCPA and GDPR.
- Familiarity with a privacy management platform.
- Familiarity with OneTrust’s DPIA, Data Mapping, Privacy Rights Automation, and Consent preferred.
- Experience reviewing, drafting and facilitating agreements and contracts preferred.
- CIPP/US, CIPP/E, or CIPM certifications are preferred.
- Familiarity with PIPL, DPDPA, and other regulations preferred.
- Demonstrable independence, self-motivation, professionalism, and proactivity, along with a strong work ethic and a commitment to excellence.
- Highly organized with the ability to research and communicate complex topics with diverse stakeholders and manage diverse projects.
- Strong proficiency in PowerPoint, Excel, Word or other technology to facilitate communicating complex information to stakeholders, manage personal workload, and track projects.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation CCPA CIPP Compliance GDPR Incident response Monitoring Privacy Risk assessment Vendor management Vulnerabilities
Perks/benefits: Career development Team events
Region:
North America
Country:
United States
Job stats:
5
0
0
Category:
Security Engineering Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs