Associate Director or Director of Privacy – Technology Services (136218)


Logo

Associate Director or Director of Privacy

Technology Services

University of Illinois at Urbana-Champaign

The University of Illinois at Urbana-Champaign is seeking to hire an Associate Director or Director of Privacy to build on the existing body of privacy work and establish, implement and administer a comprehensive Privacy program for the university. This individual will develop and maintain the university’s privacy policies and procedures, facilitate data governance activities, and will partner with university leadership to ensure that the university adheres to sound and effective privacy practices. The Associate Director or Director of Privacy will report to the Chief Privacy and Security Officer (CPSO) and will have responsibility over all Privacy-related policies and procedures for the university and will partner with the HIPAA privacy officials for any HIPAA privacy issues.

The University of Illinois is an Equal Opportunity, Affirmative Action employer that recruits and hires qualified candidates without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability or veteran status. For more information, visit http://go.illinois.edu/EEO.

Why Work at Technology Services?

Highlights of Employee Benefits (PDF)

Major Duties and Responsibilities – Associate Director:

Operations

  • Serves as University’s privacy subject matter expert (SME)
  • Builds collaborative relationships across the university to work toward privacy, IT policy and data governance goals
  • Identifies privacy-related risks and establishes operational practices and procedures to reduce them
  • Develops methodology and practices for privacy impact assessments and Privacy-By-Design principles
  • Develops, recommends, and maintains privacy policies and procedures for the university and continually ensures that the university’s policies and procedures comply with applicable laws and regulations
  • Understands existing sources of data used by the university, ensures that data in the university’s possession is acquired and used legally and consistently with any restrictions associated with its acquisition
  • Identification and development of unified controls meeting multiple regulatory and policy requirements
  • Exercises independent authority and joint authority with other assurance officers (chief information security officer, chief compliance officer, internal audit, director of university policies, etc.) to develop an environment and foster a culture supporting a high-level of security, compliance, and ethics in university activities
  • Engages stakeholders across the university to develop effective privacy partnerships and privacy engagement
  • Participates in group planning, deliberations, and decisions related to common policies, procedures, and processes; with the group, issues instructions for and facilitates appropriate deployment of new systems and changes in existing systems, in support of these goals.
  • Manages and oversees the development and execution of privacy process across the organization
  • Develops corrective action plans for identified compliance issues and collaborates with operational teams to implement and maintain any required safeguards and remedial measures
  • Keeps relevant business leaders and associates informed of industry trends and updates on data privacy issues and topics
  • Participates in new business initiatives and product development activities to promote and implement functionality necessary to support required compliance capabilities
  • Serves as an external point of contact regarding the university’s data practices and compliance procedures
  • Develops, recommends, and manages privacy training, education, and awareness for students, faculty, and staff
  • Advises and counsels campus constituents on best practices, new technologies, privacy complaints, and potential institution wide risks
  • Contribute to comprehensive incident response plans in the event of an unauthorized disclosure of personal information
  • Coordinates and facilitates formal administrative process for university privacy breaches or incidents

Projects, Program, & Governance

  • In partnership with Security, Compliance, Legal and other groups across campus, creation and execution of operational programs to implement Privacy activities and initiatives
  • Coordinates and facilitates University’s Data Governance activities

Administration

  • Manages, mentors, and coaches a high-performing team
  • Assists with budgets and ensures efficient operational execution
  • Provides regular reporting to stakeholders
  • Participates on unit, university or external committees
  • Networks with university and industry partners

Major Duties and Responsibilities – Director:

Operations

  • Serves as University’s privacy subject matter expert (SME)
  • Builds collaborative relationships across the university to work toward privacy, IT policy and data governance goals
  • Identifies privacy-related risks and establishes operational practices and procedures to reduce them
  • Develops methodology and practices for privacy impact assessments and Privacy-By-Design principles
  • Develops and sets privacy policies and procedures for the university and continually ensures that the university’s policies and procedures comply with applicable laws and regulations
  • Understands existing sources of data used by the university, ensures that data in the university’s possession is acquired and used legally and consistently with any restrictions associated with its acquisition
  • Identification and development of unified controls meeting multiple regulatory and policy requirements
  • Exercises independent authority and joint authority with other assurance officers (chief information security officer, chief compliance officer, internal audit, director of university policies, etc.) to develop an environment and foster a culture supporting a high-level of security, compliance, and ethics in university activities
  • Engages stakeholders across the university to develop effective privacy partnerships and privacy engagement
  • Participates in group planning, deliberations, and decisions related to common policies, procedures, and processes; with the group, issues instructions for and facilitates appropriate deployment of new systems and changes in existing systems, in support of these goals.
  • Manages and oversees the development and execution of privacy process across the organization
  • Develops corrective action plans for identified compliance issues and collaborates with operational teams to implement and maintain any required safeguards and remedial measures
  • Keeps relevant business leaders and associates informed of industry trends and updates on data privacy issues and topics
  • Participates in new business initiatives and product development activities to promote and implement functionality necessary to support required compliance capabilities
  • Serves as an external point of contact regarding the university’s data practices and compliance procedures
  • Develops and sets privacy training, education, and awareness for students, faculty, and staff
  • Advises and counsels campus constituents on best practices, new technologies, privacy complaints, and potential institution wide risks
  • Partners with the Chief Privacy & Security Officer to create comprehensive incident response plans in the event of an unauthorized disclosure of personal information
  • Leads and facilitates formal administrative process for university privacy breaches or incidents

Projects, Program, & Governance

  • In partnership with Security, Compliance, Legal and other groups across campus, creation and execution of operational programs to implement Privacy activities and initiatives
  • Leads University’s Data Governance activities

Administration

  • Manages, mentors and coaches a high performing team
  • Oversees budgets and ensures efficient operational execution
  • Provides regular reporting to stakeholders
  • Participates on unit, university or external committees
  • Networks with university and industry partners

Required Qualifications – Associate Director

  • Bachelor’s degree
  • Three years of prior experience working in a leadership role in a compliance, legal, audit, security, or data management function.
  • Customer engagement / customer service experience.

Required Qualifications – Director

  • Bachelor’s degree
  • Five years of prior experience working in a leadership role in a compliance, legal, audit, security, or data management function.
  • Customer engagement / customer service experience.

Preferred Qualifications

  • Master’s degree
  • Experience creating and managing a Privacy program.
  • Experience and working knowledge of IT Security frameworks (ex: NIST 800, PCI-DSS).
  • Three or more years of prior work experience in a higher education environment
  • Certified Information Privacy Professional (CIPP) or Certified Information Privacy Professional/Information Technology (CIPP/IT)

Knowledge, Skills, and Abilities:

Successful candidates will have:

  • Knowledge and understanding of privacy and security regulations and best practices, including federal, state, international laws, policies and standards
  • Proven record of identifying the need for, developing, and enforcing realistic compliance methods from a risk/benefit analysis standpoint
  • Demonstrated ability to carry out extremely complex initiatives requiring expert knowledge of key business principles and practices
  • Extensive background and participation in collaborative leadership activities in a higher education (or similar) environment with demonstrated results of appropriate and effective business strategies and goals being reached
  • Demonstrated leadership and management skills
  • Demonstrated knowledge and skills in program and project management and analysis, negotiation and conflict resolution
  • Demonstrated strong effective communication ability in presentation and advanced writing skills including reflecting sensitivity to tone, audience and organizational politics
  • Ability to communicate highly-technical matters effectively to non-technical audiences in public or private forums, across a spectrum of groups, from senior leadership to middle management and staff, demonstrating the ability to clearly define a problem/issue, succinctly describe current status, analyze data and draft reports, presentations and other materials
  • Demonstrates the ability to use active listening skills, oral communication skills to speak effectively and demonstrates outstanding writing skills via email, letters and in person to teams and customers
  • Demonstrated understanding of policies and procedures, best practices and management of incident response
  • Demonstrated understanding and experience developing and implementing organization-wide user education and awareness programs
  • Demonstrated understanding of client relationship management, process mapping and improvement, project management and production support

Salary and Appointment Information

This position is a full-time Academic Professional position appointed on a 12-month service basis. The expected start date is as soon as possible after September 15, 2020. Salary is commensurate with qualifications and experience.

To Apply:

Applications must be received by September 15, 2020. Apply for this position using the “Apply for Position” button below. Please create your candidate profile at http://jobs.illinois.edu and upload in one file a letter of application and resume. The online application will require names and contact information for three professional references.

For further information about this position, contact Phil Stanton, Technology Services HR at prstanto@illinois.edu or 217-333-4222.

The University of Illinois conducts criminal background checks on all job candidates upon acceptance of a contingent offer. As a qualifying federal contractor, the University of Illinois System uses E-Verify to verify employment eligibility.

The University of Illinois is an Equal Opportunity/Affirmative Action Employer. The administration, faculty and staff embrace diversity and are committed to attracting qualified candidates who also embrace and value diversity and inclusivity.

© Copyright 2020 Internet Employment Linkage, Inc.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *