Manager, Data Privacy - Data Management, Collins Aerospace, Remote

The Data Management Office within the Connected Aviation Solutions (CAS) organization is a newly formed organization with end-to-end responsibility to ensure that Collins Aerospace data assets are managed with integrity and quality prior to consumption by our critical applications and customer facing solutions.  Having just recently completed an organization-wide detailed assessment, a 3-year / $30M roadmap has been developed, approved and funded and is ready to begin implementation.  Within this organization we are now seeking a candidate to lead up our Data Compliance Office. The position applies the candidate’s acquired privacy skills and experience with a wide breadth of business expertise, problem solving and team building skills. The role will be tasked with facilitating compliance with regulatory (i.e. General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA)) and other relevant privacy and data protection laws through transparent data protection policies, systems and procedures. This position will report to the Head of Data Governance on the CAS Data Management Team but will also support the Office of General Counsel (OGC) Privacy Office.

The successful candidate for this position will establish processes to instill full trust in Collins Aerospace data so that these assets may be used with full confidence in applications, analytics and platforms for customer and internal consumption.

This position will collaborate heavily with Collins Aerospace privacy office within the Office of General Counsel (OGC) and will be a focal point within the Data Management organization to advise and collaborate with teams to ensure our organization is meeting regulatory and compliance standards.

Employees who are working in Remote roles will work primarily offsite (from home).  An employee may be expected to travel to the site location as needed.

Primary Responsibilities:

  • Program Design / Implementation / Remediation:
    • Create data privacy policies and procedures specific to CAS - e.g. developing data retention schedules of CAS products and service offerings.
    • Assist in the design of a process to handle personal data records, access/deletion requests, correction, portability, and other data subject access matters through industry best practice research, benchmarking etc.
    • Collaborate with program management team to implement various privacy projects related to the implementation of privacy compliance programs.
    • Work with the business to ensure robust privacy program implementation, and continuous improvement opportunities as may be identified through internal audits and assessments.
  • Privacy Accountability Programming:
    • Review and approve Privacy Impact Assessments (“PIAs”) across all CAS business units and central functions to ensure proper implementation of corporate privacy policies are in place for the business team and their applications.
    • Provide support for and drive completion of periodic updates in personal information data inventories (“PIDIs”).
    • Assist in annual roll-out of the company Privacy Self-Assessment (“PSA”); coordinate the assessment review to identify, prioritize and evaluate privacy and program gaps.
    • Develop and administer 3rd party assessments tailored to CAS service providers to streamline the process.         
  • Programmatic Management / Communications:
    • Be able to lead training and actively participate in the communication of the Privacy Program to help instill a culture within the organization through communication of policies, procedures and standards.
    • Serve as a resource for ECOs, legal, and HR and employees generally with privacy compliance related inquiries.
    • Serve as resource for general privacy questions and matters—e.g., assist in Data Processing Agreement negotiation.
  • Privacy by Design:
    • Conduct privacy impact assessment interviews with company business groups to ensure privacy by design principles into company programs, products and services.
    • Work closely with CAS Engineering and Security teams to implement ‘privacy by design’ compliant product offerings.
    • Coordinate with Quality and Engineering to ensure that privacy considerations are reviewed as part of the new product onboarding process for new products, services, and IT solutions.
  • Data Privacy Officer (“DPO”) Support:
    • Provide support to the CAS DPO as tasked.
    • Support local HR/IT teams in handling complaints, inquiries, and records access requests from individuals regarding the handling of personal information by the businesses.
    • Coordinate with the Privacy Advisory Committee, local Data Protection Officers (“DPOs”), and the RTX Privacy Office, including participating in monthly coordination calls.
    • Work with the CAS business units to address program questions about data privacy in RFIs, RFPs, data privacy questionnaires, and other channels.
    • Review privacy requirements in new and existing contracts to advise contracts, legal, and business unit staff as needed.
  • Security/Data Breach Incidents:
    • Take part on “Incident Response Team (“IRT”) teams as privacy representative for data breach and security events when relevant to businesses within scope.
    • Investigate claims and incidents and develop reports in support of corporate records logs.
    • Work with Collins Privacy Office Team to help assess regulatory responsibilities.

Basic Qualifications:

  • Bachelor’s degree and 8 years of prior relevant experience. OR
  • Advanced Degree in a related field and minimum 5 years of experience. OR
  • In absence of a degree, 12 years of relevant experience is required.
  • Engineering/Other Technical Positions: Bachelor’s degree (typically in Science, Technology, Engineering or Mathematics (STEM)) and a minimum of 8 years of prior relevant experience unless prohibited by local laws/regulations.
  • Must be a U.S. Citizen or a U.S. Person/Permanent Resident “Green Card” holder.

Required Qualifications:

  • Ability to analyze complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner.
  • Ability to communicate and adapt regulations and principles to business unit and cybersecurity engineering personnel to assist in the definition of actionable requirements for service design and remediation.
  • Capability to promote privacy program objectives through strong knowledge of privacy laws (e.g., GDPR) and professional/persuasive demeanor.
  • Excellent judgment. Demonstrated ability to find practical, risk-based solutions to compliance issues. In all cases be able to balance regulatory requirements and customer relationships with engineering burden.
  • Highly collaborative team player with demonstrated ability to be flexible, diplomatic, persistent and energetic.  Comfortable with ambiguity, open to change, working in a fast-paced and fluid environment.  Able to navigate and be successful in both “start-up” and established, larger company environments. 
  • Excellent written and oral communication skills, problem solving, leadership skills, relationship building.
  • Ability to produce quality work in a fast-paced environment with multiple competing deadlines.
  • High degree of integrity and self-motivation.
  • Works independently and takes initiative and action to respond, resolve, and follow up regarding all issues in a timely manner.
  • Certified Information Privacy Professional (CIPP), Certified Information Privacy Technologist (CIPT), or other equivalent certification in data privacy.

Preferred Qualifications:

  • Demonstrated experience performing risk or privacy impact assessments.
  • Understanding of privacy regulations (i.e., GDPR, PIPL or CCPA).
  • Demonstrated experience working collaboratively with Compliance, OGC and Product Management teams.
  • Demonstrated experience with data privacy or privacy incident handling and remediation.
  • Demonstrated experience handling privacy requests and complaints.
  • 2+ years of direct experience in implementing and managing privacy program(s).

Collins Aerospace, a Raytheon Technologies company, is a leader in technologically advanced and intelligent solutions for the global aerospace and defense industry. Collins Aerospace has the capabilities, comprehensive portfolio and expertise to solve customers’ toughest challenges and to meet the demands of a rapidly evolving global market.

Our Connected Aviation Solutions team provides advanced information management systems, products and services that enable the connected ecosystem by bringing together Collins’ unique breadth of aviation, surface transportation and critical infrastructure products with our smart digital solutions to help us enhance every aspect of the end-to-end travel experience. We help airlines, airports, business aircraft and rail operators turn data into value to streamline operations, increase efficiency and reduce cost, enhance the passenger experience and contribute to sustainable flight. By combining the best networks, connectivity and data/analytics solutions, we’re solving big problems for our customers and the world, while enhancing the security and connectivity of systems both on and off the aircraft, to help operators and passengers stay more connected and informed and create a more sustainable, efficient, reliable and enjoyable travel experience. Aviation connects the world. Our Connected Aviation Solutions team connects aviation. Sustainably. Seamlessly. Securely.

Application Submission Information:

Manager, Data Privacy – Data Management (Remote) in Annapolis, Maryland, United States of America | Engineering at Raytheon (rtx.com)