Constellation Brands - posted 29 days ago
Full-time • Mid Level
Chicago, IL
5,001-10,000 employees
Beverage and Tobacco Product Manufacturing

The Manager of Privacy & Data Compliance will partner closely with the Legal department and other stakeholders across the organization to develop and implement a structured process to ensure the privacy of consumer, customer, and employee personal data. The core responsibilities of the role involve building out our privacy program from within Information Security, identifying ways to protect the organization and drive core processes related to privacy and data compliance obligations. This role involves developing, implementing, and managing privacy procedures, conducting risk assessments, and collaborating with various departments to safeguard data according to the information classification schema. Additional responsibilities include identifying, evaluating, and reporting on control opportunities within our technology stack and translating that into Business Risk in a meaningful way to our business stakeholders.

  • Actively manage the organization's privacy program with guidance from Legal and the Privacy Officer.
  • Monitor and assess privacy risks, identifying control weaknesses and recommending improvements to align with regulatory and organizational standards. Oversee privacy operations such as:
      o Cookie and tracking technology compliance
      o Data mapping and record of processing activity maintenance
      o Managing data subject access requests (DSARs)
      o Providing privacy training and awareness programs to employees
  • Drive privacy governance documentation, including data protection frameworks, records of processing activities, and privacy impact assessments (PIAs).
  • Conduct privacy risk assessments and audits, ensuring alignment with best practices and regulatory requirements.
  • Collaborate with IT, Procurement, and Technology teams to manage third-party data protection risks.
  • Integrate privacy by design considerations into new projects and technologies, ensuring proactive compliance.
  • Interpret and implement requirements of privacy-related regulations (GDPR, CCPA/CPRA, New Zealand Privacy Act, Australia Privacy Act, etc.).
  • Monitor compliance with privacy policies and regulations and prepare regular reports for senior management and regulatory bodies.
  • Contribute towards data governance policies and procedures to ensure proper data handling, classification, and lifecycle management, as well as data handling practices, including data collection, storage, processing, and sharing, to ensure compliance with privacy and security standards.
  • Actively monitor and assess control effectiveness, identify weaknesses, and suggest improvements to enhance our security posture and ensure regulatory compliance standards across the IT/OT environments.
  • Build and sustain strong relationships, becoming a trusted partner with line-of-business stakeholders, product teams, and IDS colleagues to promote cross-functional collaboration and drive progress toward shared goals.
  • Identify thematic technology risks and trends throughout product lines and the Enterprise.
  • Ensure timely identification and reporting of technology control gaps due to failed internal procedures, weak controls, and new threats.
  • Ability to quantify and report technology risk and business impact to senior leadership.
  • Demonstrate an ability to prioritize, influence and drive the successful implementation of remediation measures to burn down risk.
  • Work closely with Procurement, Legal, and Technology teams to assess and manage third-party data protection risks.
  • Develop and maintain technology governance frameworks within both IT and OT environments, ensuring alignment with organizational goals.
  • Drive IT/OT policies, standards, and procedures to ensure compliance with relevant regulations (e.g., SOX, GDPR, CCPA, HIPAA, PCI, etc.) and industry standards (e.g., ISO, NIST, IEC 62443).
  • Bachelor's degree in Privacy, Data Privacy, Data Protection, Information Security, Risk Management, or equivalent experience
  • 8+ years of experience in Privacy or Data Security, with a focus on information security governance principles.
  • Experience or advanced knowledge of privacy regulations and standards (e.g., GDPR, CCPA, ISO 27701) and IT/OT security frameworks/standards (e.g., CIS, NIST CSF, NIST 800-53, PCI DSS, SOX, IEC 62443)
  • In-depth understanding of privacy laws and regulations, data protection principles, data governance frameworks, and information security best practices.
  • Proven ability to align privacy requirements with technical and organizational objectives.
  • Experience administering and optimizing privacy management tools like OneTrust.
  • Strong understanding of technical and operational risks associated with privacy.
  • Familiarity with digital marketing practices and associated privacy considerations.
  • Excellent communication skills to convey privacy concepts to diverse audiences.
  • Experience or advanced knowledge of data governance and data protection best practices, such as data classification, encryption, transfer, loss prevention and retention themes.
  • Experience with privacy-enhancing technologies, data encryption, access controls, security incident response, and data governance tools.
  • The ability to communicate complex technical risks to non-technical stakeholders to ensure a common understanding and alignment of priorities based on risk
  • Strong verbal and written communication skills and the ability to influence significant change
  • CIPP/CIPM certification preferred
  • We offer a comprehensive package of benefits including paid time off, medical/dental/vision insurance, 401(k), and any other benefits to eligible employees.