The Director Global Privacy is responsible for the global data protection and privacy compliance program to promote the protection and confidentiality of restricted, proprietary, or personal information for both the organization and our clients and ensure that CSG complies with all data protection and privacy laws that apply to CSG’s internal and customer-facing operations. General responsibility for the company’s privacy program, including developing, implementing, and maintaining policies and procedures to ensure compliance with applicable privacy law and the company’s contractual commitments. This includes monitoring and advising the company on all issues related to the protection of personal data under applicable data protection laws, including, by way of example, the General Data Protection Regulation (“GDPR”).
Essential Job Functions:
- Maintain data privacy strategy, roadmap, policies, and procedures.
- Foster a data protection culture within the organization and help to implement essential elements of privacy by design and by default; lead CSG’s Privacy Champions program.
- Strong collaboration with Chief Counsel Global Privacy, Security/CISO, SSUs, business leaders, CIO, and CTO.
- Update leadership on the health and activities of the data privacy practice; Provide senior managers with regular reports on data privacy.
- Procure and maintain tools/technology for execution of the privacy program to enable privacy by design and default.
- Identify privacy-related risks and collaborate with responsible management to address through risk mitigation techniques (includes privacy audits).
- Strong collaboration with CISO to:
- manage data subject requests.
- maintain records, including data flow diagrams and privacy impact assessments.
- facilitate data mapping process to support cross border data transfers.
- Provide comprehensive data protection training and awareness communications to employees involved in data processing; Create training and awareness plans coordinated with other CSG units.
- Provide advice on Data Protection Impact Assessments (DPIAs) and monitor their performance.
- Provide adequate response to and tracking of customer-requested data privacy assessments and questionnaires.
- Assist with completion of BCRS; maintain and update BCRs as needed.
- Regular and reliable attendance is required.
- 7-10 years’ data protection or related compliance experience, combined with recognized data protection qualifications such as CIPP/E, CIPP/M, or FIP
- Experience advising technology companies on data governance matters and applying data protection in business-to-business environments, BSS or telecommunications prior experience helpful.
- Experience with standards, guidance, control frameworks, and regulatory requirements crossing broad business operational areas encompassing risk and governance, information technology, data security and privacy.
- Demonstrated knowledge of global privacy law.
- Experience with evaluating privacy risks and M&A transactions
- Strong leadership and client facing skills.
Knowledge, Skills and Abilities:
- Knowledge and experience with global and US privacy laws, including an in-depth understanding of the GDPR.
- Comprehensive knowledge of data privacy requirements relative to credit card users, consumers, employees in a multi-national environment.
- Practical knowledge of privacy and security requirements, including ISO27001, FTC Act, CAN-SPAM, HIPAA, PCI, etc.
- Familiarity with privacy and security risk assessment and best practices, privacy certifications/seals, and information security standards certifications.
- Technically minded with the ability to analyze data protection and processing issues within the context of IT systems, web-based technologies, and functions.
- Ability to communicate effectively with data subjects, data protection authorities and other controllers and processors across national boundaries and cultures.
- Ability to communicate effectively with senior management and decision-making within the organization.
Bachelor’s degree in Business Administration or equivalent combination of education and experience.
Application Submission Information:
Please apply directly through this link - https://careers.csgi.com/job/CSINUS19337/Director-of-Global-Privacy