Manager of Privacy and Compliance

  • Category
  • Location
    Watertown, Massachusetts
  • Type
    Direct hire
Job Summary:
The Manager of Privacy & Compliance manages governance, risk, and compliance. The position actively works to align the internal information security program with business objectives while creating strong business relationships in the process.

Reporting to the Director, Information Security & Risk Management, the Manager of Privacy & Compliance is responsible for the following:
  • Managing the Privacy & Compliance team, with help from the Director, Information Security & Risk Management and the heads of Enterprise IT.
  • Partnering with management and cross-functional project teams to develop creative solutions to balance business goals with legal and regulatory risk.
  • Raising stakeholder awareness of common privacy issues and responses
  • Managing external security assessments and audits (ISO 27001, NIST CSF)
  • Evaluating business systems and vendors for conformance with privacy policies, standards, and program objectives. Translating privacy requirements into operational and technical requirements.
  • Maintaining a current understanding of control frameworks including ISO 27001 and NIST CSF
  • Maintaining a thorough understanding of GDPR privacy requirements and compliance requirements under PCI DSS
  • 5+ years of business systems analysis and operations, risk management, compliance, project and management
  • 2+ years of experience in a privacy program management role
  • Proven ability to balance multiple priorities, adapt to constantly changing business strategies, work independently, drive projects to completion, and meet deadlines
  • Ability to develop strong business relationships while keeping risk management in alignment with business objectives and regulatory and privacy requirements
  • Understanding of system development and business process management
  • Experience translating business rules or policies into functional or technical requirements or user stories.
  • Knowledge of U.S. and European privacy and security laws and industry-leading practices
  • Strong analytic, organizational and communication skills
Education and Certifications
  • Information Privacy and Security Certifications (e.g., CISSP, CISM, CDPSE, CIPP, CIPM) preferred
  • Bachelor's degree in a related discipline or equivalent practical experience