Director, Corporate Security-Data Protection (Remote Role)

Other jobs >> General

Negotiable

Permanent

Description

Director, Corporate Security-Data Protection (Remote Role)



Director, Corporate Security - Data Protection



Description of Organization



Cognizant Corporate Security, a key organization within Cognizant Technology Solutions, is chartered with managing and directing the global enterprise physical and logical security programs. The Corporate Security organization is responsible for the oversight and coordination of security efforts across the company, including information technology, human resources, communications, legal, facilities management and various other groups, and is responsible for identifying security initiatives and standards. Corporate Security drives security compliance and serves as the key organization responsible with helping the business appropriately manage security risks.



Description of Role



Cognizant is seeking a Director, Data Protection to oversee the Corporate Securitys data protection strategy, regulatory compliance, training of staff, communication with regulators, and understanding relevant data processing risks across internal systems.



The candidate will possess expert knowledge of data protection law and practices, along with an understanding of Cognizants infrastructure, technology, and organizational structure. In this role, a risk-based approach to data protection should be taken and they will be the primary point of contact for Corporate Security with regard to potential complaints, queries, notices, and other notification requirements. Overall, an ideal candidate will possess a combination of legal knowledge, technical background, and communication skills, along with a strong sense of credibility, integrity, and independence.



Responsibilities



General Compliance



Inform and advise Corporate Security, including staff who process personal data, of their obligations as per data protection provisions. The candidate will provide recommendations about the interpretation and application of all relevant data protection rules.



Provide support to GDPR Program and other local data protection provisions and policies in relation to the protection of personal data.



Inform Corporate Security of any failure to comply with the applicable data protection rules.



Conduct data audits to ensure compliance and address potential issues proactively.



Oversee implementation of compliance tools.



Develop process to conduct due diligence to ensure information shared with partners/suppliers is in alignment with all requirements, protocols, and codes pertaining to personal data.



Maintain comprehensive records for all data processing activities conducted by the company (such as with a Record of Processing), including the purpose of all processing activities, which may be shared on request.



Documentation



Develop, review, and update new and existing documentation, including privacy policies, security policies, cookie policies, retention schedule, subject access requests, and others.



Develop and integrate incident, breach, and data loss management and notification processes into the general incident response process



Author technical data protection standards relating to cryptography methods and encryption solutions as needed.



Risk



Maintain a risk assessment process for personal data, including providing advice on performing data protection impact assessments (DPIA) and monitoring continued performance.



Report into existing Corporate Security Risk Register of processing operations within Cognizant and notify managers regarding the specific risks, as necessary.



Awareness and Training



Educate Cognizant and its employees on important compliance requirements.



Raise awareness and provide training material to staff involved with processing operations and related audits.



Provide thought leadership as it pertains to data protection efforts and provide a forward-looking view into trends that relate to controls, algorithms, and methods



Serve as the SME and go-to individual for all data protection, masking, encryption, obfuscation, tokenization efforts across Cognizant developed applications, services, and environments.



Communication



Act as the point of contact between regulators.



Facilitate communications with data subjects regarding the use of their data, their rights to have their personal data erased, and the measures that Cognizant has implemented to protect their personal data.



Handle queries, complaints, and other communication on request by the controller, vendors, customers, and other person(s).



0 %



Position Requirements:

Formal Education and Certifications



Four-year university degree in computer science, computer privacy/law, or computer engineering, and/or 7+ years equivalent work experience in privacy law, auditing, or related.



Certifications in privacy, such as Certified Information Privacy Professional (CIPP/E, CIPP/US, or CIPP/C), Certified Information Privacy Manager (CIPM), or similar.



Industry Certifications such as a Certified Information Systems Security Professional (CISSP) would be an asset.



Knowledge and Experience



Proven expert knowledge of data protection law and practices



Experience interpreting complicated and/or ambiguous regulatory requirements into understandable and actionable requirements for the organization and staff.



Deep understanding of encryption methods across applications and supporting application infrastructure (i.e. databases).



Knowledge of encryption technologies across private and public cloud as well as common vendors who provide encryption, tokenization and/or data protection solutions.



Expertise with encryption SDK architecutres and implementation of such SDKs within applications.



Familiarity with common encryption algorithms and key management protocols and practice



Experience providing guidance on privacy and security risk assessments, countermeasures, and data protection impact assessments.



Demonstrated leadership skills, project management experience, and delegation skills, while working with a diverse set of stakeholders and varied projects.



Experience working with board-level executives and other experienced personnel who may or may not understand the complexities of data protection.



Experience in developing legal and technical training, as well as awareness distributing material, to ensure staff and data subjects are aware of their rights and responsibilities.



Demonstrated diplomatic and negotiation skills to deal with DPAs and other regulators.



Experience implementing and managing compliance tools.



Strong understanding of computer systems, databases, and how personal data is stored and processed.



Excellent understanding of Cognizants goals and objectives.

Personal Attributes



Ability to perform duties in an independent manner, sometimes bound by secrecy or confidentiality.



Excellent conflict resolution skills; ability to assert oneself in challenging situations.



Strong sense of integrity and duty to report non-compliance.



Flexibility in coordinating with various cultures and industries around the world.



Excellent oral and interpersonal communication skills while working with a wide range of audience members, including board of directors, data subjects, and lawyers.



Outstanding writing and documentation skills when dealing with technical and legal matters.



Able to communicate ideas in both technical and user-friendly language, particularly in simplifying and interpreting legal jargon for average users to understand.



Ability to critically assess personal knowledge gaps and willingness to pursue training in those areas.



Ability to balance the role of trusted advisor to the organization and an internal policing role.



Highly self-motivated and directed, with keen attention to detail.



Able to prioritize and execute tasks in a high-pressure environment.



Cognizant US Corporation is an Equal Opportunity Employer Minority/Female/Disability/Veteran. If you require accessibility assistance applying for open positions in the US, please send an email with your request to ************************



Application Development / Application Maintenance



United States-New Jersey-Teaneck - NJ USA, COG



Full Time Employee



Full-time



Standard



Professional



Day Job



Oct 30, 2019, 2:40:33 PM



Information Security



IT Services - United States
  • 1
  • Negotiable
  • None
  • None
  • Re-142990
  • Permanent
  • 35

How to Apply: Please click here to create a free Pure-jobs.com account and post your resume. Only logged in job seekers can apply for a job.

Find us at:

Never provide bank account, credit card details or any other financial information, or make any form of payment, when applying for a job. If you are ever asked to do this by a recruiter on Pure Jobs please click the Report button or contact us with the advertiser's company name and the title of the job vacancy. You should not send any money to anyone. A genuine employer with a job offer would never ask you to do this.

Report this job
x

Report a job

If you're concerned about a job advert, let us know and our quality team will investigate.

Your name(*)
Invalid Input

Your email address(*)
Invalid Input

Please select you reason(*)

Additional information(*)
Invalid Input

Invalid Input

Get new jobs for this search by email.

Also get an email with jobs recommended just for me.

Create Alert



Subscribe to updates from our blog