Overview
Are you looking to take your career from good to great? As an employee of PenFed, every day is an opportunity to thrive, and be part of a team working to ensure our organization is providing world class service to our members, employees, and our communities. We exist to help our members realize their full potential, educate and encourage their dreams, and make every effort to follow our mission and help our members -do better.- Joining PenFed is more than being an employee; it's about being a part of the PenFed family.
PenFed is hiring a (Hyrbid) Director, Privacy at our Tysons, Virginia location. The primary purpose of this job is to oversee all activities related to the organization's privacy posture, including creation of the correct privacy policies, conducting privacy impact assessments, ensuring organizational compliance with state and federal privacy laws through advising operational areas and implementing montioring mechanisms, investigating privacy-related incidents and breaches and recommending appropriate regulatory or other reporting. This position interacts with InfoSec, Data Governance, Compliance and Legal partners as well as all Business Units. This posiiton will interact with the Board of Directors and the executive team as a subject matter expert on privacy law compliance.
The Privacy program is designed to identify, measure, and manage the risks to consumers and the institution associated with collection, use, sharing, transmission, retention, and disposal of personally identifiable and confidential information.
Responsibilities
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned.
Serve as a primary source of knowledge on how member information handling, both on-line and off-line, implicates state and federal privacy laws
With regard to handling of member information: Set standards for member notice; for member opt-in or opt-out choice (Consent Management); for member ability to access, correct/update, delete permissions or other personal information (Data subject Rights); for standards of safeguarding of member information.
Establish system of monitoring compliance with privacy standards, and reporting identified issues to executive and senior management.
Establish system of assurance of enterprise compliance with privacy standards.
Aggregate member privacy opt-out choices into easily accessible and comprehensible member communication.
Work closely with the CIO to ensure the privacy program is suited to the company's Information Systems strategies, promoting privacy by design, and incorporating privacy considerations into the development of new systems, processes and technologies.
Work closely with the CISO to ensure the privacy program is suited to the company's Information Security strategies
Develop and maintain incident response plans for addressing privacy incidents and breaches in a timely and effective manner.
Work closely with the Data Governance Council to ensure the privacy program is incorporated into requirements of the enterprise's Data governance program.
Work closely with the Chief Compliance Officer to ensure the privacy program is suited to the company's risk appetite within compliance, and to design an ability to monitor business unit compliance with privacy regulations.
Develop and present privacy material for various committee and board meetings such as the Enterprise Risk Management Committee, Financial Management Risk Committee, monthly board meetings, and ad hoc meetings as requested.
Maintain and continually updates knowledge of federal, state and international laws and regulations pertaining to privacy regulations and requirements.
Develop employee training on privacy matters, and communicate Privacy policy requirements to employee population.
Perform and/or cause to be performed Privacy impact assessments
Serve on PenFed's Data Governance Council
Update privacy policies and procedures in accordance with applicable laws and regulations, as well as financial industry best practices.
Determine how PenFed shares data on its privacy practices with its members and the general public, both on-line and off-line.
Increase member trust in organizational handling of their private information.
Serve as a member of the management team and works with other management team members to develop goals and strategies in order to meet corporate objectives while maintaining adherence to all relevant privacy requirements.
Work directly with examiners to facilitate responses to their requests for information and data related to PenFed's Privacy Program.
This role is responsible for ensuring business continuity.
Qualifications
Equivalent combination of education and experience is considered.
At least 12 years work experience with 5 and the management/leader level.
5+ years of familiarity with privacy and/or data protection laws and practices, with an understanding of US Federal and state-level privacy laws.
At least 7 years experience advising on regulatory or legal issues within a regulated financial institution.
Proven ability to influence effectively across various levels of management.
Ability to work independently.
Ability to launch new initiatives.
Strong interpersonal and organizational skills.
Strong written and verbal communications skills.
Bachelor's Degree or equivalent required.
Postgraduate degree in Law or relevant field (information security, privacy, compliance) is highly desired and will be preferred.
Certification in privacy (CIPP and/or CIPM) or willingness to obtain certification.
Licenses and Certifications
Certification in privacy (CIPP and/or CIPM) or willingness to obtain certification.
Work Environment
While performing the duties of this job, the employee is regularly exposed to an indoor office setting with moderate noise.
Most roles require working in an office setting with moderate noise and the ability to lift 25 pounds.
Travel
Ability to travel to various worksites and/or conferences may be required.
About Us
Established in 1935, PenFed today is one of the country's strongest and most stable financial institutions with over 2.8 million members and over $36 billion in assets. We serve members in all 50 states and the District of Columbia, as well as in Guam, Puerto Rico and Okinawa. We are federally insured by NCUA and we are an Equal Housing Lender. We are available to members worldwide, via the web, seven days a week, twenty-four hours a day. We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more. Equal Employment OpportunityPenFed management will maintain and observe personnel policies which will not discriminate or permit harassment or retaliation against a person because of race, color, creed, age, sex, gender, gender identity, gender expression, religion, national origin, ancestry, marital status, military or veteran status or obligation, the presence of a physical and/or mental disability or medical condition, genetic information, sexual orientation, and all statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment. PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same. PenFed will also reasonably accommodate qualified individuals with a disability so that they can apply for a job or perform the essential functions of a job unless doing so causes a direct threat to these individuals or others in the workplace and the threat cannot be eliminated by reasonable accommodation or if the accommodation creates an undue hardship to PenFed. Contact human resources (HR) with any questions or requests for accommodation at 402-639-8568.