Directs and oversee the director of privacy and coordinate privacy and data security programs with senior executives globally to ensure consistency across the organization.
Develop appropriate sanctions for failure to comply with the corporate privacy policies and procedures.
Resolve allegations of non-compliance with the corporate privacy policies or notice of information practices.
Work with RSM executive office, the Global Data Privacy Director and other Global resources to develop relationships with RSMi leaders, applicable regulatory bodies, peer firms and other outside leadership entities responsible for privacy and data security.
Note: This is not an exhaustive list of responsibilities assigned to this position/candidate.
Incident Response and Data Breach:
Administer action on all complaints concerning the organization’s privacy policies and procedures in coordination and collaboration with other similar functions and, when necessary, legal counsel
Bachelor’s degree (required)
Juris Doctorate or equivalent (required)
CIPP, CIPM, CIPT or similar privacy certifications (preferred)
CISSP, CISA, CISM or similar technical certifications (preferred)
Technical/ Soft Skills:
Excellent conflict resolution and negotiation skills (preferred)
Ability to influence change and champion all privacy initiatives within the firm (required).
Ability to manage a variety of tasks, project and privacy activities efficiently and effectively (required).
Strong organizational skills, attention to detail and interpersonal communication skills
Strong analytical and problem solving skills
Able to work harmoniously and effectively with others
Able to preserve confidentiality and exercise discretion
Able to work under pressure and manage multiple projects with competing deadlines and priorities
Minimum 10 law firm or substantive privacy background and experience.
License in good standing to practice law (preferred).
Knowledge of business processes and the ability to work with all levels within the firm (required).
Experience with building a global privacy program(required)
years proven and progressive experience in a professional services firm (operations, audit, tax, compliance, or legal management experience)
Experience with performing research and proposing solutions.
Knowledge of domestic and international data privacy regulations.
Knowledge of U.S. laws and regulations, such as HIPAA, Gramm-Leach Bliley Act and U.S. state breach notification laws. Also knowledge of the EU Data Protection Directive, Privacy Shield or the EU General Data Protection Regulation.
Experience in auditing frameworks and international standards, such as ISO 27001, and familiarity with governance, risk and compliance (GRC) tools and how they can be used to support privacy-related GRC activities.
Exceptional business judgment, with the ability to think strategically and give practical advice by balancing business needs with legal risk (required).