Southern Company Data Privacy & Protection Manager in Atlanta, Georgia

Data Privacy & Protection Manager

Description

JOB SUMMARY:

The Data Privacy and Protection (DPP) position will manage the DPP program across all subsidiaries and functions within Southern Company. This position will manage policies and initiatives to influence consistent enterprise compliance with related laws / regulations and company practices. The DPP role will also execute response activities as required to limit the exposure / reoccurrence of data loss events.

JOB REQUIREMENTS:

• Bachelor’s Degree required

• Certification in data privacy or information security is desired (CIPP/US, CIPM, CISSP, CISM, etc.)

• Knowledge of information protection and data breach notification laws / regulations is desired

• Knowledge of strategies for change management, project management, and process management is desired

• Strong program management experience

• Excellent oral and written communication skills are required

• Customer focused and results oriented

• Ability to build credibility and influence without direct authority

• Strong meeting facilitation skills among peers and up to executive stakeholders

• A minimum of 5 years of job-related experience is desired

• Experience implementing cross-functional initiatives is desired

MAJOR JOB RESPONSIBILITIES:

• Manage DPP program across all subsidiaries and functions within Southern Company:

o Maintain inventory of existing laws / regulations related to data protection and breach notification

o Maintain DPP framework to guide improvements

o Develop / update policies and procedures (including protection and response) to satisfy desired enterprise risk profile.

• Ensure consistent data protection practices across Southern Company:

o Develop relationship with information end users across subsidiaries (beyond RIM and DPP champions / coordinators) to improve governance

o Work with other business groups (e.g., Internal Audit, Risk Management) to evaluate adherence to DPP policies

o Identify and implement training / communications to achieve consistent compliance

• Provide subject matter expertise on DPP program and related policies / procedures:

o Advise stakeholders on leading DPP practices and how to apply the policy / procedures

o Identify and implement initiatives to improve DPP capabilities

• Coordinate with IT to evaluate technology / tools and support implementation of related tools

• Support negotiation of data protection provisions with third parties during the contracting and facilitate monitoring of external vendor data protection

• Lead and maintain risk assessment of DPP across critical information and subsidiaries / functions

• Conduct investigation and remediation activities in response to potential data loss incidents (e.g., breach response, device lost) to limit exposure

Job Field: Legal & Compliance

Job Type: Standard

Primary Location: Georgia-Metro Atlanta-Atlanta

Operating Company: Southern Company Services

Job Type: Standard

Travel (Up to...): Yes, 25 % of the Time

Work Location(s):

Southern Company Headquarters - 30 Ivan Allen Jr. Blvd. NW (30ATLANTA)

30 Ivan Allen Jr. Blvd. NW

Atlanta, 30308

Req ID: SCS2006893