Director, Global Privacy Program

Company DescriptionWe help the world see new possibilities and inspire change for better tomorrows. Our analytic solutions bridge content, data, and analytics to help business, people, and society become stronger, more resilient, and sustainable.Job DescriptionJoin our Privacy Team in our Jersey City, NJ global headquarters (flexible hybrid work model) to support the CPO in defining and documenting Global Privacy Program framework components and processes.Develop enhanced objectives and processes for and oversee Global Privacy Program activities, such as: privacy impact or risk assessments, recordkeeping, incident response management, third party privacy risk management (including transfer impact assessments) and data subject requests.Develop and maintain comprehensive privacy and data protection policies, standards, procedures and guidance, as well as corporate privacy notices, ensuring all are updated in accordance with new or changed legal or regulatory requirements.Design and build enhanced comprehensive core and topic-specific privacy training materials to promote awareness of privacy principles, requirements and best practices across the organization. Deliver effective targeted privacy training offerings to specific regions, businesses or functions as appropriate.Enhance legislative and regulatory change management processes, incorporating features to facilitate successful implementation of new or changed requirements across the organization, reconciling any actions needed with established practices and updated documentation.Define, lead and successfully execute privacy projects with cross-functional stakeholders to address emerging risks, operational changes, requirements implementation, procedural or technological process enhancements or other special initiatives.Develop and maintain an enhanced centralized privacy program Standard Operating Procedures (SOP) documentation center for all businesses to reference and maintain current documentation sufficient for potential audit purposes.Collaborate closely with Compliance Monitoring concerning internal data protection assessments and risk reviews, and with appropriate Compliance, Regulatory and other teams concerning any potential external audits or examinations to produce responsive procedural or other documentation as appropriate. Collaborate with Enterprise Risk Management to ensure company risk assessment profiles or other documentation concerning data protection are regularly reviewed and updated to reflect changed or emerging risks.Develop enhanced playbooks and related guidance for contract and other teams to reference and enhance the company’s sophistication in capturing and negotiating effective privacy and data protection terms in third party contracts (e.g., product, supplier, M&A and other agreement types), supporting negotiation teams with additional training as appropriate.Develop appropriate presentation materials concerning privacy risks, program operations metrics and special initiatives status for company department updates, risk committees and/or Board of Directors updates.Develop and manage company Privacy Champions program, including engagement strategies, roles and responsibilities, and key activities (periodic Summits, trainings, initiatives and special projects)Serve on cross-functional working groups, committees or other governance bodies to support company compliance processes with a nexus to data protection activities and drive awareness of Privacy-by-Design and associated best practices for all related initiatives.Completes all responsibilities as outlined on annual Performance Plan.Completes all special projects and other duties as assigned.Must be able to perform duties with or without reasonable accommodation.QualificationsBachelor’s Degree10+ years’ experience as a people manager or privacy governance team leader10-15+ years’ experience with leading privacy programs and associated compliance governance, including demonstrated experience in defining and managing privacy program activities and reporting concerning associated key risk indicators (KRIs) and key performance indicators (KRIs)10+ years’ experience in leading and performing privacy governance functional responsibilities, including impact or risk assessments, managing data privacy incidents and any associated notification processes10+ years’ experience leading privacy-focused legislative and regulatory change management processes, from communication through implementation verification and maintaining associated documentation10+ years’ experience in working with and demonstrated knowledge of key U.S. and global privacy laws and regulations (e.g., GLBA, HIPAA/HITECH, FCRA, CAN-SPAM, TCPA, PIPEDA, GDPR, PIPL plus DSL & CSL, CCPA/CPRA and other U.S. state privacy laws)Strong substantive knowledge of and experience working towards compliance with leading privacy and cybersecurity frameworks and industry standards (e.g., NIST, ISO, HITRUST, PCI DSS)Experience managing and responding to regulatory inquiries or examinations, and oversight of implementing any potentially required corrective actions or complying with any related regulatory ordersProven ability to effective build collaborative relationships with team members and stakeholders across the company to: drive awareness of privacy concepts and requirements, facilitate compliance with applicable privacy laws and encourage best privacy and data governance practicesExemplary written and verbal communication and project management skills, with the ability to employ emotional intelligence and a sense of humor in personal interactions while still retaining executive presence and a professional demeanorExpertise in company compliance and change management practices, with demonstrated advanced understanding and application of effective risk management principles and practicesAbility to independently define objectives and goals, as well as simultaneously plan, manage and execute multiple and cross-functional high visibility, high complexity and high impact privacy-related projects and initiativesDemonstrated experience and expertise in independently drafting and delivering data protection training modules and related materialsExemplary problem-solving and analytical skills, with the ability to independently develop strategies and solutions to drive efficiencies and resolve potential system compatibility or other operational challengesDemonstrated experience leading, inspiring and overseeing diverse teams through complex initiatives to deliver impactful resultsTravel Required: 5%Preferred:IAPP Certification(s), such as: CIPP/US, CIPM, CIPP/E10+ years’ experience at a U.S. regulated financial services company, with insurers and insurance product experienceSignificant demonstrated high profile project leadership experience or Project Management Professional (PMP) certification#LI-LM03
#LI-HybridAdditional InformationFor over 50 years, Verisk has been the leading data analytics and technology partner to the global insurance industry by delivering value to our clients through expertise and scale. We empower communities and businesses to make better decisions on risk, faster.At Verisk, you'll have the chance to use your voice and build a rewarding career that's as unique as you are, with work flexibility and the support, coaching, and training you need to succeed. For the eighth consecutive year, Verisk is proudly recognized as a Great Place to Work for outstanding workplace culture in the US, fourth consecutive year in the UK, Spain, and India, and second consecutive year in Poland.  We value learning, caring and results and make inclusivity and diversity a top priority.  In addition to our Great Place to Work Certification, we’ve been recognized by The Wall Street Journal as one of the Best-Managed Companies and by Forbes as a World’s Best Employer and Best Employer for Women, testaments to the value we place on workplace culture.We’re 7,000 people strong.  We relentlessly and ethically pursue innovation. And we are looking for people like you to help us translate big data into big ideas. Join us and create an exceptional experience for yourself and a better tomorrow for future generations.Verisk BusinessesUnderwriting Solutions — provides underwriting and rating solutions for auto and property, general liability, and excess and surplus to assess and price risk with speed and precisionClaims Solutions — supports end-to-end claims handling with analytic and automation tools that streamline workflow, improve claims management, and support better customer experiencesProperty Estimating Solutions — offers property estimation software and tools for professionals in estimating all phases of building and repair to make day-to-day workflows the most efficientExtreme Event Solutions — provides risk modeling solutions to help individuals, businesses, and society become more resilient to extreme events.Specialty Business Solutions — provides an integrated suite of software for full end-to-end management of insurance and reinsurance business, helping companies manage their businesses through efficiency, flexibility, and data governanceMarketing Solutions — delivers data and insights to improve the reach, timing, relevance, and compliance of every consumer engagementLife Insurance Solutions – offers end-to-end, data insight-driven core capabilities for carriers, distribution, and direct customers across the entire policy lifecycle of life and annuities for both individual and group.Verisk Maplecroft — provides intelligence on sustainability, resilience, and ESG, helping people, business, and societies become strongerVerisk Analytics is an equal opportunity employer.All members of the Verisk Analytics family of companies are equal opportunity employers. We consider all qualified applicants for employment without regard to race, religion, color, national origin, citizenship, sex, gender identity and/or expression, sexual orientation, veteran's status, age or disability. Verisk’s minimum hiring age is 18 except in countries with a higher age limit subject to applicable law.Unsolicited resumes sent to Verisk, including unsolicited resumes sent to a Verisk business mailing address, fax machine or email address, or directly to Verisk employees, will be considered Verisk property. Verisk will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume.SummaryType: Full-timeFunction: LegalExperience level: DirectorIndustry: Information Technology And Services