Manager Information Governance
Summary:
The Manager - Information Governance and Privacy is responsible for supporting the development and implementation of OCC’s information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its lifecycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements for external organizations with whom OCC has a business need to share information; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs.
Essential Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.
- Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset.
- Implementation of the information governance, data protection, and privacy program including the development of policies, procedures and job aids; identification, implementation and use of technologies to support program objectives; and execution of controls and risk assessments (e.g. third-party risk, privacy, data protection).
- Creation and execution of strategies to identify information across the organization and throughout its lifecycle.
- Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings.
- Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives.
- Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk.
- Development and maintenance of the organization’s records and information management (RIM) program, ensuring information across all media and formats is properly retained and disposed. This includes remediation of legacy data and information repositories to ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems.
- Collaborate with OCC internal and external stakeholders to effectively and efficiently implement OCC’s information governance, data protection, and privacy policies and requirements.
- Support and develop training and awareness programs for information governance, data protection, and privacy.
- Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program.
Supervisory Responsibilities:
- N/A Individual Contributor
Qualifications:
The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience.
- Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy and knowledge of and work experience with enterprise systems, networks, databases, and other technical domains.
- Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships.
- Strong strategic thinking, problem solving, and analytic skills. Utilizes metrics as means to improve performance.
- Ability to adapt to change in emerging environments and work across multiple areas.
- Experience in developing policies and procedures
- Experience in project management, project execution, and managing multiple priorities in a timeline driven environment.
- Experience working in a highly regulated environment including an understanding of audit and compliance requirements.
- Understanding of and interest in technology selection and implementation.
Technical Skills:
Demonstrated proficiency in the following areas:
- Office 365 (Word, Excel, PowerPoint)
- Experience with systems supporting Compliance, Audit, Privacy, or Records Management
- Project / Program Management
Education and/or Experience:
- 5-10 years of applicable work experience in leadership role.
Certificates or Licenses:
- The candidate must have one of the following or the equivalent experience: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT). The following certifications are considered advantageous: Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA).