Description
:
The Privacy and Data Protection Manager will be responsible for improving the Firm’s Data Loss Prevention (DLP) program, conducting and overseeing data egress investigations, supporting the Firm’s privacy incident and privacy breach response plans, and improving our data protection controls strategies. This role requires Data Loss Prevention (DLP) program experience, including conducting investigations related to data loss, data exfiltration, or unauthorized access or use of data, or experience using eDiscovery solutions or similar technology. The Privacy and Data Protection Manager requires an IT or law firm background, strong investigative and analytical skills, and enjoy working in a fast-paced environment.
Key Responsibilities and Essential Job Functions:
1. Continuous improvement of data loss prevention controls and strategies designed to protect confidential information in compliance with our legal, regulatory and client contractual obligations.
2. Respond to data egress incidents, conduct data loss investigations, and develop and implement corrective action or training plans, as needed.
3. Prepare metrics plans and reporting on the DLP program.
4. Develop incident reporting for senior management.
5. Improve existing investigation policies, processes and procedures.
6. Provide reporting and notification support for privacy-related incidents and breaches, including working with relevant key stakeholders in senior management, and internal/external privacy counsel.
7. Ensure compliance standards, practices, and internal controls are appropriately documented and adhered to.
8. Support the Privacy and Compliance Program’s communication and awareness campaigns, including the identification of training requirements and relevant topics.
9. Conduct compliance risk assessments, develop mitigation or corrective action plans, and communicate and escalate identified risks, as necessary.
10. Support vendor risk management and DPIA programs to ensure third parties comply with the Firm’s privacy and data protection requirements.
11. Facilitate compliance risk mitigation efforts by providing monitoring and oversight of remediation efforts to support ongoing compliance.
12. Support the Firm’s Integrated Risk Management (IRM) program.
13. Provide monthly updates and reporting for the Privacy Information Management System (PIMS) Council.
14. Support the program’s audits and evidence collection processes.
15. Special project and duties as assigned.
Required Qualifications & Education:
16. 5+ years of professional experience (IT, law firm, and/or investigation role experience required).
17. Knowledge and understanding of data handling practices, privacy and data protection principles or data governance required.
Preferred Qualifications & Education:
18. Prior experience using Microsoft-based tools is preferred.
19. Industry standard certification, such as Certified Information Privacy Professional (CIPP) or Certified Information Privacy Manager (CIPM) or similar certification is preferred.
Physical Requirements:
20. Ability to sit or stand for extended periods of time.
21. Moderate or advanced keyboard usage
Benefits: Our goal is to promote a work environment in which individuals have access to the resources they need to be at their best both professionally and personally, which includes resources that encourage individuals to focus on their health and well-being. Below is a list of just some of the benefits we offer: generous paid time off; eleven paid holidays per year; time off for bereavement or jury duty; paid leave for new parents; comprehensive medical (PPO and HDHPs), dental and vision plans including coverage for domestic partners; life and AD&D insurance; short and long term disability insurance; tax-advantaged accounts for health care expenses, including FSA or HSA; FSA for dependent care; supplemental AFLAC policies for medical care; excess liability coverage; health advocacy services; behavioral health and counseling resources for all family members; 401(k); profit sharing; pre-tax transit and parking program; backup care for children and adults; senior care planning support; and resources for individuals with development disabilities and their caregivers.