Privacy Manager

About The Position

Requirements

• Deep understanding of privacy laws and frameworks (e.g., GDPR, CCPA, HIPAA, etc.)
• Experience conducting Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs)
• Knowledge of privacy-by-design and privacy-by-default principles
• Familiarity with data subject rights and incident response processes
• Experience with privacy compliance tools and platforms (e.g., OneTrust)
• Ability to assess and prioritize privacy risks based on impact, likelihood, and control strength
• Strong analytical thinking and problem-solving skills
• Ability to translate complex privacy concepts into clear, actionable guidance
• Strong cross-functional stakeholder management and consensus-building skills
• Proven ability to manage multiple privacy initiatives simultaneously
• Experience leading privacy programs/projects from planning to execution
• Bachelor's Degree plus 5-7 years of work experience OR High School Diploma/GED plus 9-11 years of work experience
• 3-5 years of experience in privacy risk management/privacy program management, preferably in a healthcare or technology company

Nice To Haves

• Certified Information Privacy Professional (CIPP) (Preferred)
• Certificate in Investment Performance Measurement (CIPM) (Preferred)

Responsibilities

• Advance Enterprise Privacy Capabilities Proactively identify, assess, and prioritize privacy risks based on likelihood, impact, and control effectiveness. Develop scalable solutions to strengthen the organization’s privacy posture.
• Embed Privacy by Design Lead Privacy Impact Assessments (PIAs) for internal tools, processes, products, and services. Collaborate with cross-functional teams to implement privacy-by-design and privacy-by-default principles.
• Manage Privacy Incidents and Requests Oversee resolution of privacy complaints, data subject rights requests, and remediation efforts. Coordinate with legal and business stakeholders to ensure timely and compliant responses.
• Document and Communicate Risk Create clear, actionable documentation of assessment findings, mitigation strategies, and progress updates for stakeholders and leadership.
• Drive Privacy Awareness and Training Develop and deliver engaging privacy training and communications to promote awareness, accountability, and compliance across the organization.
• Monitor Compliance and Metrics Track, analyze, and report on key privacy compliance metrics to inform decision-making and continuous improvement.
• Optimize Privacy Technology Manage and enhance the use of privacy platforms for automation, assessments, and reporting to improve efficiency and compliance.
• Support Legal and Regulatory Activities Assist with contract reviews, audits, regulatory inquiries, and data breach response efforts in collaboration with legal and compliance teams.
• Influence Product Development Partner with product and engineering teams to integrate privacy considerations into the development lifecycle.
• Stay Ahead of Regulatory Change Monitor evolving privacy laws, regulations, and industry trends to ensure the organization remains compliant and innovative.