Apply on Employer Site

Kia America · 4 months ago

Sr. Data Privacy Manager

Irvine, CA

Full-time

Onsite

Senior Level, Lead/Staff

$106K/yr - $147K/yr

8+ years exp

Kia America is a leader in the automotive industry, focused on creating award-winning products. The Sr. Data Privacy Manager will oversee daily data privacy operations, ensuring compliance and proper handling of data subject requests while implementing data protection strategies and conducting internal audits.

Automotive

Responsibilities

Manage day-to-day data privacy operations, including recordkeeping and compliance monitoring

Ensure proper handling of data subject requests (e.g., access, deletion, or modification)

Implement data protection strategies and compliance frameworks while monitoring adherence to data privacy policies across departments

Establish an internal control and monitoring system to prevent the leakage, misuse, and abuse of personal information

Develop and deliver privacy training materials for employees

Maintain records of processing activities and ensure documentation accuracy

Conduct internal audits to identify gaps in privacy compliance

Support Legal with the DPIA (Data Protection Impact Assessments) for new projects or business initiatives

Monitor IT projects to ensure compliance with relevant regulations while reviewing system architecture based on the PII life cycle

Review and manage vendor agreements, ensuring data privacy clauses are included and enforced, while overseeing contracts related to the outsourcing and delegation of PII processing

Monitor third-party compliance with the organization's data protection requirements

Collaborate with IT, Information Security, Legal, and HR teams to implement technical and organizational measures that demonstrate reasonable security procedures and practices are in place in accordance with privacy regulations

Support the Data Privacy Director and Legal in responding to regulatory inquiries and investigations

Assist the Customer Care team in managing customer PII matters and develop a structured process for handling customer complaints related to PII processing and protection

Qualification

Data privacy complianceData protection strategiesPrivacy training developmentPrivacy laws knowledgeCybersecurity certificationsProject managementCommunicationOrganizational skillsCollaboration

Required

Bachelor's degree in law, computer science, information technology or security, business administration, or a related field required

Minimum of 8 years of experience in privacy, data protection, or compliance roles

Proven track record of developing and implementing privacy strategies in a complex organization

In-depth knowledge of US/states privacy laws and regulations such as CCPA, CPRA, HIPAA, etc

In-depth knowledge of International Privacy Standards such as GDPR and ISO 27701

Ability to interpret and apply privacy regulations in a business context

Excellent written and verbal communication skills

Strong organizational and project management skills

Preferred

Advanced degree preferred

Certification in data privacy (e.g., CIPP/E, CIPM, or equivalent) preferred

One or more of the following cybersecurity certifications are highly desired: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC)

Familiarity with Canadian and Mexican privacy laws and regulations preferred