Privacy Operations Manager

Job Summary

We are seeking a highly organized, detail-oriented and tech savvy Privacy Operations Manager to operationalize Precision Medicine Group Privacy Program. This role is critical in ensuring our organization complies with global data protection regulations, manages privacy risks effectively, and maintains trust with customers, employees, and partners.

Key Responsibilities

• Privacy Program Operations
• implement and maintain privacy relevant procedures, processes as well as technical and organizational measures and standards.
• Maintain and improve privacy processes, e.g. data onboarding, repurposing, retention or deletion, as well as data subject access requests, incident response, and privacy impact assessments (PIAs).
• Execute privacy relevant internal monitoring / audits against operational privacy requirements.
• Data Subject Rights and Incident Review
• Oversee the intake, tracking, and fulfillment of data subject access requests (DSARs). Ensure timely and accurate responses in accordance with legal requirements.
• Support QA and IT functions in review of privacy incidents, allocation them to appropriate workflows, developing review standards, checklists and templates facilitating quality driven efficient incident management

• Privacy Risk Management
• Conduct privacy risk assessments and audits against risk matrix agreed with Head of Privacy and DPO, in particular for
• Support external privacy risk assessments and compliance reviews.
• Maintain records of processing activities (RoPA) and data inventories using these to generate privacy risk insights and suggest operational / process activities or relevant configurations
• Network, Training & Awareness
• Keep and engage with Privacy Asset Owner Network by relevant communication, periodic trainings, acting on support inquiries and ensuring Owners are supported in their Privacy Asset configurations and processes
• Develop and deliver privacy training and awareness programs across the organization, focusing on practical and operational privacy compliance
• Promote a culture of privacy and data protection.
• Technology & Tools
• Liaise with IT on available IT technology potentially supporting privacy management, e.g. DLP, Smarsh etc.
• Collaborate with IT and security teams to ensure privacy controls are embedded in systems and processes.
• Reporting & Metrics
• Track and report on privacy KPIs and metrics to senior leadership.
• Prepare documentation for regulatory inquiries and audits.

Qualifications

• Bachelor’s degree in Information Security, IT, Data Management or Privacy related field (Master’s or JD preferred).
• 5+ years of experience in security, privacy, compliance, or data protection roles.
• Strong knowledge of technical and organizational standards necessary for compliance with privacy regulations e.g., HIPAA, GDPR, CCPA, PIPIA
• Experience with IT technology and tools that can be leveraged for privacy management
• Excellent project management and communication skills.
• Certifications such as CIPP/US, CIPM, or similar are a plus.

Preferred Skills

• Ability to work independently to suggest solutions, configurations, technology use cases and process improvements.
• Strong analytical and problem-solving skills.
• Ability to work in an organized and planned manner tracking progress against time.
• Strong technical background and understanding of latest privacy relevant technology to act as interface between Legal and IT
• Familiarity with data governance and cybersecurity principles.
• Experience working in a multinational or highly regulated environment.

#LI-Remote