Duties and Responsibilities
- 35% - Leads and manages the design, implementation and execution of strategic customer privacy initiatives to minimize $750 million in potential enterprise customer privacy risk. Responsible for implementation and adherence to regulatory rules and business controls specific to customer privacy. Identifies and mitigates privacy risks in business processes and projects. Assists business and project teams with discovery, selection, validation and testing of privacy standards and controls consistent with company policy, legal mandates and privacy principles including the Generally Accepted Privacy Principles, and Privacy by Design. Assesses third party, vendor and contractor privacy capabilities as part of allowing these third parties to process SDG&E customer information.
- 20% - Regularly represents company interests and positions and leads collaborative efforts with regulatory authorities, key stakeholders, and other utility counterparts on customer privacy matters. Frequently represents customer privacy matters to senior executive leadership and provides guidance on policy decisions, including risk assessment and recommendations on risk mitigation. Assumes responsibility for key Office of Customer Privacy activities as required by Customer Privacy Manager or when Manager is unavailable.
- 15% - Develops and publishes privacy standards and controls, both technical and business process based on new legal mandates or other company-driven criteria. Maintains repository of privacy controls and customer information inventory for Privacy Impact Assessments.
- 15% - Researches, evaluates, recommends, designs and implements new privacy solutions, standards and controls into the enterprise based on privacy best practices.
- 10% - Develops and manages enterprise customer privacy training. Drives awareness of customer privacy across the company, and with third parties that process SDG&E customer information.
- 5% - Performs other duties as assigned (no more than 5% of duties).
- Bachelors or equivalent experience in computer science, information security, business, auditing related degrees.
- IAPP certification is a plus.
- Ten years or more experience in privacy, compliance, auditing and/or information security positions.
- Experience with California and California Public Utility Commission laws and regulations regarding privacy is preferred.
- Experience with cyber security, auditing and/or controls testing is preferred.
- Mindset for leading others to apply privacy principles, including data use transparency and customer choice, and a working knowledge of Privacy by Design and/or the Generally Accepted Privacy Principles in practical business applications.
- Solid understanding of cyber security principles is desirable, and strong candidates will know the difference between privacy and security.
- Excellent written, verbal and presentational communication skills
- Self-starter who can function equally well individually or as part of a project team.
- Travel is uncommon but may be required on occasion (estimated 5%).
Application Submission Information:
Please apply using this link: https://recruiting.adp.com/srccar/public/RTI.home?c=2168707&d=SempraSDGE&r=5000411158206#/