Manager- Data Privacy Review and Remediation

Major accountabilities:

• Plan, prepare and coordinate Data Privacy (DP) reviews with stakeholders such as DPDAI and ERC
• Conduct Data Privacy and AI reviews independently as per annual plan while working in close collaboration with internal stakeholders including ERC, ISC (Information Security Compliance), Internal Audit, Legal and business owners
• Draft and Publish high quality DP review reports and coordinate conclusion of review with relevant stakeholders, ensuring high quality outcomes that address root causes and support meaningful remediation actions and adherence to agreed methodology
• Coordinate and support/advise business owners on remediation of actions identified during Data Privacy reviews while following a risk-based approach
• Verify evidence of implementation of remediation and update in system
• Document the implementation of remediation action plans and closure of remediations within system as applicable
• Assume responsibility for assigned tasks to build and improve Data Privacy review and remediation processes and tools
• Support building review process around AI on top of existing Data Privacy review and remediation program.
• Enables constant improvement and efficacy of Data Privacy and AI review and remediation process by leveraging analytical and governance, risk and compliance skills to identify trends and themes of opportunity areas
• Contribute to the ongoing reporting, KPI tracking and governance requirements as applicable
• Contribute to development, continuous improvement and maintenance of Data Privacy and AI review and remediation methodology, framework and tools
• Apply continuous learning, personal growth and self-improvement, and have expert knowledge regarding Data Privacy risks

Key performance indicators:

• Ensure accountability and efficient execution of Data Privacy and AI reviews
• Track timely and efficient completion of remediation actions.
• Timely, accurate and complete record keeping for end to end process.
• Develop and maintain credible relationships with key stakeholders to ensure collaboration and appropriate influence to achieve needed outcomes established.
• Meet operational KPIs.

Minimum Requirements:
Work Experience:

• Bachelor's Degree or equivalent university education in business, finance, law, or any other relevant subject matter.
• Data Privacy certification such as CIPP/E, CIPP/US, CIPT.
• Law / Business / Bachelor’s degree with recognized education/certification in Data Privacy and/or Risk Management and/or Information Security.
• Experience in a highly regulated industry with a dynamic regulatory framework.
• Pharma/ Healthcare industry is a plus.
• Comprehensive understanding of Data Privacy policies, guidelines and regulatory requirements.
• Proven ability to lead complex projects and collaborate within and across cross-functional teams and business units, in a matrix environment, including reporting to senior management.

Skills:

• Business Networking.
• Compliance Management.
• Compliance Risk.
• Curiosity.
• Flexibility.
• Law (Legal System).
• Leadership.
• Operational Risk.
• Operational Risk Management.
• Regulatory Reporting.
• Risk Control.
• Risk Management.
• Senior Management.
• Software Frameworks.

Languages :

• Fluent in English; multi-lingual preferred