SANDOW is seeking a Data Privacy and Protection Manager for a temporary to permanent role. Responsibilities include developing and maintaining procedures and processes for our compliance with CCPA, GDPR, and other local data protection and privacy laws, monitoring our adherence to those standards, and acting as a point of contact with supervisory authorities and data subjects. You will also help create and advise on policies that enforce compliance and deliver data protection and privacy training to staff to increase awareness of data protection measures.
To be successful in this role, you should have in-depth knowledge of GDPR, CCPA and other data protection laws and be familiar with our industry (media) and the nature of its data processing activities. You should also know how to perform audits to our current procedures and have hands-on experience with data governance, data management software and prior implementation.
The ideal candidate is a self-starter with strong technical ability and has a hybrid or blended experience in IT and/or systems with a focus on security, privacy, compliance and data governance management.
- Develop and maintain policies, procedures and processes for privacy compliance in conjunction teams and corporate functions
- Monitor data management procedures and compliance within the company
- Maintain records of processing operations and data retention
- Ensure we address all queries from data subjects within legal timeframes (e.g. delete their information from our databases)
- Liaise with other organizations (third parties) that process data on our behalf
- Build materials and arrange for training on data privacy and protection compliance for employees
- Follow up with changes in law and issue recommendations to ensure compliance
- Provide privacy guidance to internal teams to ensure that "privacy by design" is built into products, services and processes
- Identify areas of improvement in practices relative to managing data privacy and assist in designing strategies to address
- Perform regular privacy assessments of operational processes and data processing activities, identifying and mitigating risks
- Manage, operate and function as the SME on privacy related technologies and systems
- Liaise with third party audit personnel and outside legal counsel as required
- Ensure business requirements for the protection of sensitive data are implemented using data governance tools and best practices.
- Act as an agent of change to help drive data best practices and evangelize the concept of “data as an asset”.
Measures of Success:
- Will have executed on the CCPA Roadmap which was main deliverable from Focal Point CCPA audit and data mapping.
- Full setup and deployment of Consumer Rights Request center in OneTrust system for all brands.
- Full setup and deployment of Cookie Consent Management module in OneTrust and integration with SANDOW brand websites.
- Implementation of basic consumer rights workflow in OneTrust DSP module.
- Development of Consumer Rights Operations Workshops and Training Decks for internal teams.
- Bachelor’s degree in computer science, business administration or related discipline.
- Familiarity with security and privacy frameworks, general privacy & security concepts, IT audits and risk assessments
- 3-5 years of experience in privacy, data protection, risk management or related compliance functions
- Privacy certification(s) preferred: Certified Information Privacy Professional (CIPP), Certified Information Privacy Technologist (CIPT), Information Systems Security Professional (CISSP), or other related certifications.
- Solid knowledge of GDPR, CCPA, and other US and international data protection laws in order to perform data inventory, compliance program assessments and privacy program implementations.
- Knowledge of data processing operations in the company’s sector is preferable (media)
- Demonstrated experience in an enterprise IT and / or cross-functional Data Management role.
- Working knowledge of data governance & data management as operating models (organization and business process perspective)
- Hands-on experience with data governance, data management software and prior implementation experience. OneTrust preferred.
SANDOW was founded by visionary entrepreneur, Adam Sandow, in 2003 with the goal of building a truly innovative media company that would reinvent the traditional publishing model. Today, SANDOW is a fully integrated solutions platform powering innovation for the design and luxury industries. Its diverse portfolio of design media and technology companies include Interior Design, Luxe Interiors + Design, Metropolis, Galerie, and NewBeauty. Materials Innovation brands include global materials consultancy, Material ConneXion, and game-changing material sampling, logistics and sustainability platform, Material Bank. SANDOW brands also include research and strategy firm, ThinkLab. In 2019, SANDOW was selected by the New York Economic Development Corporation to become the official operator of NYCxDESIGN, beginning in 2020.
SANDOW is committed to a culture of diversity, equity, and inclusion that promotes a sense of belonging for everyone and fosters creativity and innovation in the workplace. We pledge to provide equal opportunities for success and to offer platforms for engagement, education, and discussion related to issues of justice, equity, diversity, and inclusion. By encouraging employees, clients, and the community to take part in strategic programs and initiatives, we will work together to uplift historically marginalized groups within our field and beyond.