Compliance Jobs

Senior Compliance and Data Privacy Manager, Hospitality, Miami, FL (On-Site)

By January 9, 2023 No Comments

 Senior Compliance & Data Privacy Manager – Hospitality Company – Miami, FL (On-Site)

An affiliate of the worldwide representative for a collection of exclusive resorts — is seeking a forward-thinking Sr. Compliance & Data Privacy Manager to join its remarkable Miami-based, compliance team.

We provide exclusive, marketing, public relations, advertising, promotions, and creative services to showcase the Luxury Included experience, which guests have come to adore for 40 years.

JOB DESCRIPTION:  As a Sr. Compliance & Data Privacy Manager you will work closely with the Legal & Compliance Departments to develop and monitor policies and standard operational procedures applicable to the business and in compliance with worldwide regulatory law, acts, statutes, and the like. You will be responsible for educating the company and its employees about compliance, training staff involved in data processing, and conducting regular security audits. The requirement of the role is to ensure that all applicable organizational processes of personal data for staff, customers, providers, or any other individuals (also referred to as data subjects) in compliance with the applicable data protection rules. A successful Sr. Compliance & Data Privacy Manager will serve as the point of contact between the company and any relevant supervisory authorities that oversee activities related to data including (but not limited to) the monitoring of Compliance with relevant data protection laws, statutes, acts, regulations, and the like, creating data protection impact assessments, cooperating with supervisory authorities, applying a risk-based approach, and keeping records.

JOB ROLES AND RESPONSIBILITIES:

  • Implementing measures and a privacy governance framework to manage data use in compliance with the GDPR and U.S. & Canada (states & provinces equivalent), including developing templates for data collection, assisting with data mapping, and vendor management reviews.
  • Collaborating with key internal stakeholders in the review of projects and related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments.
  • Serving as the primary point of contact and liaison for the [Lead Supervisory Authority] and other EEA Data Protection Authorities on all data protection related matters under the GDPR and U.S. & Canada (states & provinces equivalent).
  • Serving as the primary point of contact for queries in the business.
  • Drafting policies and procedures to meet global requirements under GDPR, CCPA / CPRA and all other U.S. & Canada (states & provinces equivalent) regulations along with any other requirements pertaining to countries of operation.
  • Reviewing vendor contracts (including Model Clauses) and consents needed to implement projects in partnership with the firm’s Procurement and Information Security functions and ensuring filing requirements with local regulators are achieved.
  • Participating in the [Data Privacy / Information Governance] Committee.
  • Managing and conducting ongoing reviews of Company’s privacy governance framework [including Binding Corporate Rules (BCR)3]
  • Monitoring changes to applicable global privacy and regulatory laws and making recommendations to the Data Privacy Compliance Team and the Data Privacy Information Governance Committee when appropriate.
  • Setting standards and reviewing policies and procedures globally that meet the requirements under the GDPR and U.S. & Canada (states & provinces equivalent), and any localization requirements in countries of operation.
  • Developing and delivering privacy training to various business functions.
  • Developing strategies and initiatives to ensure engagement with key internal and external stakeholders.
  • Coordinating and conducting data privacy and regulatory compliance audits to all Group offices.
  • Collaborating with the Information Security function(s) to raise employee awareness of data privacy and security issues and providing training on the subject matter.
  • Collaborating with the Information Security function(s) to maintain records of all data assets and exports and maintaining a data security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications, and responding to subject access requests (SARs).
  • Ensuring that the Company’s IT systems and procedures comply with all relevant data privacy and protection law, regulation, and policy (including in relation to the retention and destruction of data).
  • Working with designated privacy law attorneys across the Company’s offices and, where necessary, outside counsel to help advise on local data privacy law issues.
  • Actioning all Data Subject Requests within the appropriate timeframes.
  • Additional tasks as may be required and advised of.
  • Promoting effective work practices, working as a team member, and showing respect for co-workers.

COMPETENCE REQUIREMENTS:  To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Qualifications include:

  • Strong knowledge of EU / U.S. / Canada data privacy and data protection regulation, and a good understanding of other major privacy frameworks and evolving legislation worldwide.
  • Sufficient knowledge of information technology and data management systems required.
  • Well-developed and professional interpersonal skills; ability to interact effectively with people at all organizational levels of the firm.
  • Familiarity with the following: Personal Information Protection & Electronic Documents Act (PIPEDA), Canadian Anti-Span Law (CASL), Telephone Consumer Protection Act (TCPA), Fair
  • and Accurate Credit Transactions Act (FACTA), etc.
  • Experience of working in a large, global organization.
  • Ability to work unsupervised, exercise leadership, and influence change.
  • Excellent writing and presentation skills.
  • Strong change and project management skills, including the ability to manage time well, prioritize effectively, and manage multiple deadlines.
  • Ability to undertake large, long-term projects, develop alternative methods to complete them, and implement solutions.
  • Ability to use independent judgement and discretion when making majority of decisions.
  • Meticulous approach needed to recommend and implement strategic improvement on a range of data privacy and data protection issues.
  • Ability to manage confidential and sensitive information with the appropriate discretion.
  • Knowledge of PC applications, including MS Office.
  • Some travel will be required
  • The statements contained in this position description are not necessarily all-inclusive; additional duties may be assigned, and requirements may vary from time to time.

EXPERIENCE:  Outlined below are the academic qualifications and length and type of experience deemed necessary in order to perform the role of Sr. Compliance & Data Privacy Manager competently.

  • 1-year PQE experience required.
  • Hold at least one Data Protection and/or Privacy certification such as, CIPP (preferred), CIPT, ISEB, IBITGQ, etc.
  • Experience in US and/or EU data privacy laws.
  • 1-year experience within a compliance, legal, audit and/or risk function, with recent experience in privacy compliance.
  • Experience in developing policy and compliance training.

Application Process for Senior Compliance and Data Privacy Manager
Qualified professionals should submit resume to Heather Smith: heather@conselium.com

Published by Conselium Executive Search, the global leader in compliance search.  
close

PLEASE follow us!

Twitter
LinkedIn