edtech.com
Post a job.

Existing employer? Sign in

Colibri logo

Colibri

Data Privacy Engineer

🇺🇸 Remote - US

🕑 Full-Time

💰 TBD

💻 Cybersecurity

🗓️ April 17th, 2024

Cyber Security Excel
At Colibri Group, culture is a critical part of our collective success, and we live our values everyday: Love, Joy, Boldness, Teamwork, and Curiosity.  These values guide our interactions with each other, our customers, and the community.

Data Privacy Engineer

Colibri Group is seeking a data privacy engineer who will be responsible for ensuring the protection and security of sensitive information within Colibri Group and subsidiaries. The job involves implementing and maintaining data privacy policies, procedures, and technologies to safeguard data against unauthorized access, breaches, and misuse.

What you'll do

Oversight

  • Oversee the company’s privacy and security compliance program including maintaining and updating policies and guidance, risk assessments, training materials and other resources.
  • Ensure data privacy and security are considered at the outset of new data partnerships, vendor relationships, projects, products, and initiatives.
  • Provide guidance on potential opportunities and/or partnerships, identifying legal and regulatory concerns and continually improving processes and procedures.
  • Handle inquiries and issues related to data privacy and security practices, including but not limited to responding to costomer requests to exercise their various rights.
  • Ensure Record of Processing Activities is maintained.
  • Ensure that the sub-processors list is maintained.
  • Ensure that clients are notified about subprocessor changes.

Policy Development

  • Develop and enforce data privacy policies and procedures in accordance with applicable laws and regulations.
  • Collaborate with legal and compliance teams to ensure alignment with privacy laws and industry standards.

Risk Assessment

  • Conduct data privacy impact assessments (DPIA’s) to identify and mitigate potential risks associated with data processing activities.
  • Evaluate existing systems and processes to identify vulnerabilities related to data privacy.

Data Mapping and Classification

  • Identify and classify sensitive data within the organization.
  • Create data maps to understand how and where sensitive information is stored, processed, and transmitted.

Privacy by Design

  • Work with software and systems architects to integrate privacy measures into the design and development of applications and systems.
  • Promote a privacy-by-design approach to ensure data protection from the initial stages of product development.

Privacy by Default

  • Whenever possible, promote a user privacy-friendly approach that favors and respects users’ privacy even in jurisdictions that do not demand it.
  • Promote a privacy-by-default approach to ensure data protection from the initial stages of product ideation.

Incident Response

  • Develop and implement incident response plans for data breaches or privacy incidents.
  • Investigate and analyze security incidents, providing recommendations for improvement.

Compliance Monitoring

  • Monitor compliance with data protection laws, regulations, and organizational policies.
  • Conduct regular audits to ensure adherence to privacy standards.

Training and Awareness

  • Develop data privacy training campaigns for employees on data privacy best practices.
  • Raise awareness about the importance of data privacy across the organization.

Vendor Management

  • Evaluate and manage third-party vendors to ensure they comply with data privacy requirements.
  • Review and negotiate privacy terms in contracts with external partners

Data Subject Requests

  • Manage and respond to data subject access requests (DSARs and RTBD) in compliance with relevant privacy laws.
  • Ensure transparent communication with data subjects regarding the processing of their personal information.

Continuous Improvement

  • Stay informed about evolving privacy laws and industry trends.
  • Continuously assess and enhance the organization's data privacy program.

Qualifications for this Position

  • Expertise in EU and US-based data privacy and security laws and practices preferably as it relates to data aggregators and marketing use of data.
  • Familiarity with CCPA and GDPR.
  • Familiarity with a privacy management platform.
  • Familiarity with OneTrust’s DPIA, Data Mapping, Privacy Rights Automation, and Consent preferred.
  • Experience reviewing, drafting and facilitating agreements and contracts preferred.
  • CIPP/US,  CIPP/E, or CIPM certifications are preferred.
  • Familiarity with PIPL, DPDPA, and other regulations preferred.
  • Demonstrable independence, self-motivation, professionalism, and proactivity, along with a strong work ethic and a commitment to excellence.
  • Highly organized with the ability to research and communicate complex topics with diverse stakeholders and manage diverse projects.
  • Strong proficiency in PowerPoint, Excel, Word or other technology to facilitate communicating complex information to stakeholders, manage personal workload, and track projects.

Colibri Group welcomes applicants from all backgrounds and experiences, and we understand that not every candidate will meet every requirement listed in the job description. Research has shown that women and people of color may be less likely to apply to jobs unless they feel they meet every qualification, and we want to actively combat this bias in our hiring process. If you're excited about the role and believe you have the skills and experience to contribute to our team, we encourage you to apply, even if your background doesn't align perfectly with every qualification listed. We are committed to building a diverse and inclusive workplace, and we believe that diversity of perspectives and experiences is essential to our success. You may be just the right candidate for this role or another position within our organization. Don't hesitate to take the leap and apply today!
 
Colibri Group is an equal opportunity employer that is committed to diversity and inclusion in the workplace. Colibri Group prohibits discrimination and harassment of any kind based on race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, disability, genetic information, or any other status protected under federal, state, or local law.

Similar Jobs

Senior Infrastructure Security Engineer

GoGuardian

🇺🇸 Remote - US

Manager, Cybersecurity Engineering

Cornerstone

🇺🇸 Remote - US

Information Security Engineer

New York University

🇺🇸 Hybrid - NY

Security Engineer

Chess.com

🇺🇸 Remote - US

Senior Software Security Engineer

Imagine Learning

🇺🇸 Remote - US