Job details |
|||||||||||||||||||||||||||||
|
Job Opportunity: Data Security, Privacy & Compliance Manager:OPBJob description: Data Security, Privacy & Compliance Manager Listing description Data Security, Privacy, & Compliance Manager Application instructions for this and all current OPB employment opportunities are available at OPB's careers page. About OPB OPB is a leader in public media, serving diverse communities of the Northwest with fact-located, in-depth news and information about politics, the environment, science, arts, history, and cultures; business, education and more. Powered by the generous support of members, OPB seeks out a variety of voices in our communities and lifts up authentic stories of the people, places, events and issues of the region, providing context and a deeper knowledge. OPB's independent journalism and programs are available atopb.org, on OPB Radio and OPB TV. Follow us on Instagram,YouTubeandFacebook. The Opportunity We're recruiting a Data Security, Privacy and Compliance Manager! The right person for this function will have a solid knowledge of data management concepts and tools, such as data governance, data quality, data security, data architecture, and data analytics. We're looking for Somebody with knowledge of the significant data privacy laws and regulations and how they affect different types of data and industries. Also, you should have excellent communication, leadership abilities, and problem-solving skills, as you will need to collaborate with various teams and stakeholders and handle complex and sensitive data privacy matters. If this sounds like you, we hope you'll apply! Position Details The Data Security, Privacy and Compliance Manager leads OPB's efforts to maintain effective data security and privacy policies and practices. You will be responsible for evolving, developing and implementing data security and privacy strategies and programs, working closely with other data managers, our legal team, technology team, and business stakeholders to ensure that data collection, storage, processing, and sharing are aligned with policies and applicable laws and standards, such as the Oregon Consumer Privacy Act (OCPA). You will monitor and audit our data security and privacy performance and risks and provide guidance and training on data security and privacy best practices and issues. You will stay updated with the changing data security and privacy landscape and regulations, balancing business needs and data security and privacy requirements, managing data security and privacy risks and response to incidents, and fostering a data security and privacy culture and consciousness within the organization. Your efforts will enhance the trust and reputation of OPB, improving our member practice and loyalty, optimizing our data management processes and efficiency, and driving innovation and growth with data security and privacy as an organizational imperative. Responsibilities 50% - Frameworks & Compliance » Collaborate cross-functionally to create and manage a schedule of compliance and legal requirements to ensure our compliance with significant laws, regulations and frameworks including: » Oregon Consumer Privacy Act (OCPA) » Payment Card Industry (PCI-DSS) » National Institute of Standards and Technology (NIST) Governance » Lead committees and activities related to data governance, security, and response. » Lead the documentation of OPB's data map and create a process for auditing and maintaining Information technology annually at minimum. » Coordinate and prioritize efforts in support of the governance committees and teams, and the implementation of policies. » Audit and drive compliance with data collection policies, access, usage, and storage. » Stay updated on the latest data governance and security frameworks and laws, and recommend adaptations to data security, governance strategies and risk mitigation. » Anticipate, communicate, and manage data privacy issues and risks. » Monitor and report, including: » Establish performance metrics and key performance indicators (KPIs) to measure the effectiveness of OPB's data security and privacy efforts. » Provide a quarterly report outlining progress, risks, and recommendations. » Develop and cultivate cross-functional stakeholder relationships, collaborating across teams to align business needs and cross-functional goals. » Be an effective communicator who can simplify complex issues and is adept at making decisions, building and maintaining productive relationships with a wide variety of leaders and staff within OPB. Policies & Procedures » Document and socialize OPB's Data Governance Strategy. » Establish data governance policies, procedures, standards, and responsibilities. » Coordinate regular data security and privacy policy reviews and updates. » Coordinate the activities of Business Data Custodians to ensure compliance with data security and privacy policies. » Coordinate incident exercises/rehearsal; testing that processes and systems work as expected and recommending remediation where needed. 50% -consciousness & Training » Actively engage stakeholders across OPB to increase data security and privacy consciousness and compliance with applicable policies, processes, and laws. » Collaborate with cross-functional teams to integrate security into all aspects of projects, systems, and processes. » Ensure implementation of security procedures and training programs for all employees to foster a culture of security consciousness. » Recruit and train incident response team members and leaders. Assessments » Collaborate with Information Security team members to conduct threat identification and vulnercapability assessments. » Evaluate and recommend improvements to in-house tools and capabilities. » Determine required skills and functions for incident response and recommend in-house and third-party functions. Response & Recovery » Lead OPB's data incident response team and coordinate escalating issues to Senior leadership abilities Group as needed. » Serve as OPB's data incident response coordinator (IRC) during active incidents. » Follow up on previous post-incident reviews; and » Maintain logs and review retention policies for incident response. Working Conditions Typical office environment, including use of a computer during regular business hours. This position could be hybrid with at least 50% of the time onsite. There is everyday contact with OPB staff, and service partners. Limited travel to trainings and conferences. Reports to: Chief of Staff managery tasks: No direct reports. Recruits, leads, and directs the work of interdisciplinary teams that include technical and nontechnical staff, consultants, and vendors.Minimum Qualifications» Bachelor's degree in data management, computer science, or a related field. » 7 years' practice in Information Security or a related field. » An knowledge and level of skills with compliance frameworks such as NIST, OCPA, PCI-DSS, and how they affect different types of data and industries. » Solid knowledge of data management concepts and tools, such as data governance, data quality, data security, data architecture, and data analytics. » practice in risk management, vulnercapability assessment, and security controls compliance. » Excellent communication, leadership abilities, and problem-solving skills and the capability to communicate effectively across a wide variety of situations, stakeholders and sensitive data privacy matters. » Oriented to innovation, problem solving, teamwork, systematic thinking, and the constant pursuit of improvement. » Demonstrated practice effectively managing complex projects, setting and accomplishing goals while managing dynamic priorities. » Demonstrated proficiency working with Microsoft office products and other business systems. » Enthusiasm for the mission of OPB. Preferred Qualifications » Certification in data privacy, such as the Certified Information Privacy Professional (CIPP), will be an advantage as will industry certifications such as CISSP or CISM. Additional Information » This position reports to the Chief of Staff and is benefits eligible » The probable hiring range for this exempt position is between $87,000 - $97,000 depending on qualifications. » For the safety of our employees, the contractors/vendors we work with, and the public we serve, OPB has a mandatory COVID vaccination policy and all employees are required to show proof of vaccination. » This position has access to highly sensitive data and therefore must pass a background check. Organization: OPB Job Job location: Portland, OR United States Job Job Category: Information Technology (IT) Employment Type: Full time Hours Per Week: 40.00 Send Application Materials To: For application instructions, please visit OPB's careers page. You will be asked to create an account, upload your cover letter and resume and answer a few position related questions. Once you click ?submit? you cannot make changes to your application. This position is open until filled. OPB is an Equal Opportunity Employer. Minimum income: $87,000.00 Maximum income: $97,000.00 Website: OPB Email address: E-Mail: hr@opb.org Job Field: Radio and Television
Skills:
|
|||||||||||||||||||||||||||||
|