Data Privacy Director
Data Privacy DirectorBoston, Massachusetts Technology Job ID R14596
MassMutual recognizes the importance of an integrated and coordinated privacy, data, and AI governance program. We seek a skilled and highly motivated privacy professional with strong business acumen, judgement, and risk management expertise to join this Enterprise Privacy, Data and AI Governance team within the Enterprise Technology & Experience organization. The successful candidate will be a risk and control owner in the first line of defense setting strategy for meeting or exceeding expectations of consumers, policyholders, employees, and regulators and then efficiently executing that strategy.
The team embodies a culture of working collaboratively, inclusively, and cross-functionally with a high degree of agility and innovation driven by a shared passion for achieving business results. Join us as we digitally transform our governance operations and nonlinearly scale to support the evolving needs of MassMutual.
As a risk and control owner in the first line of defense this role sets strategy to meet privacy-related legal obligations and commitments to organizational principles and policies.
Identify privacy-related risks across the enterprise and manage those risks via design and development of policies, control objectives and technology capabilities.
Work to align advanced technologies and Privacy by Design principles from the first stages of development and ensure that the data use meets established privacy-related obligations.
Perform regular privacy assessments of operational processes, identifying, and mitigating risks across the company through effective tools, training, and guidance.
Consult with privacy stewards and users and manage a team of privacy analysts to assess and advise on solution architectures and/or identify necessary modifications to new or existing systems.
Interface with developers and architects in designing big data solutions that enable the business to be data driven while protecting the data assets.
Act as key interface to data science and analytics communities
Interface with usability team to ensure user-facing privacy controls are simple and effective.
Produce data anonymization standards for systems and business processes to preserve and improve privacy protections.
Lead the development and execution of new privacy products and features including consent and preferences management, privacy rights of access and control, and data flow inventory and flow mapping.
Prioritize target outcomes for the Data Privacy program, create an action plan, and execute.
Communicate program progress, escalations, and issue analysis to key stakeholders.
Knowledge and Skills
Expertise in US and global privacy legislation and regulations including GLBA, HIPAA, CCPA, and GDPR.
Expertise in enterprise risk management including frameworks, risk inventories, control design & testing, and risk acceptance processes.
Excellent analytical and problem-solving skills.
Excellent communication skills (verbal and written), ability to influence without authority.
Ability to balance risks in ambiguous and complex situations.
Demonstrated teamwork and collaboration skills in leading or contributing to global and multi-functional teams.
Highly motivated to contribute and grow within a complex area of emerging importance.
Demonstrated working knowledge of software engineering fundamentals.
Understanding of design for software applications running on multiple platforms.
Competent in the interpretation of numeric data, an understanding of statistical principles.
Strong understanding of digital ecosystems, including digital marketing technology
BS or MS degree in computer science, computer engineering, information systems, privacy engineering, privacy or cyber security law, or related field of study.
7+ years of delivering digital solutions with a track record of successfully planning, implementing, and change-managing large initiatives.
2+ years’ experience utilizing key performance indicators and key risk indicators to drive program strategy and execution, including dashboarding with data visualization tools.
2+ years of knowledge and use of a governance, risk, and compliance system such as ServiceNow IRM or Archer.
Product Owner or Product Manager expertise with excellent project management and prioritization skills.
Demonstrated ability to quickly develop a command of new concepts and deliver multiple and diverse assignments with the highest level of accuracy and quality.
Demonstrated ability to translate technical, regulatory, and legal requirements into clear, understandable guidance and playbooks that are actionable by the business.
5 years' experience in privacy / data protection or a graduate degree or concentration in privacy engineering
CIPM, CIPP, CIPT or AIGP certification or similar
Experience in a highly regulated industry such as finance, pharmaceuticals, or healthcare
ServiceNow Implementer certification
ISACA certifications (CISA or CRISC)
Agile certifications (e.g., SAFe)
Technical certifications e.g. AWS Certified Cloud Practitioner, AWS Certified Solutions Architect, AWS Certified Developer
Authorization to work in the United States without sponsorship now or in the future.
#LI-MS1MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.