Cyber Defense Data Protection Manager

Genuine Parts Company is seeking an experienced privacy professional with experience in operational data protection and/or privacy audit to join the Global Cyber Defense team. The mission is to regularly assess privacy risks and to conduct deep-dive reviews of key privacy topics. The ideal candidate will bring a mix of operational experience, privacy experience (familiarity with GDPR is critical) and technical familiarity (comfort discussing the basics of data processing technologies). The individual must have the ability to build strong collaborative relationships across a largely virtual extended team. They need to be a strong communicator, comfortable dissecting complex topics about policy, technology, operations, and data ethics. Lastly, we are looking for someone with a passion for privacy, a can-do spirit, and a deep curiosity about how each of the Genuine Parts Companies businesses and processes work. Genuine Parts Company welcomes applications from the widest range of individuals eligible to apply and particularly encourages applications from those who would increase the diversity of the company.

Promoting a positive data culture, you will:

• Ensure an appropriate level of data and privacy compliance
• Oversee data protection governance for new projects and initiatives
• Provide assurance through monitoring and oversight
• Promote a positive data protection and privacy culture through training and awareness
• Ensure compliance through auditing and risk management activities

We anticipate the suitable candidate will bring 5+ years’ experience in a data protection or compliance role, with a robust understanding of the core elements of data protection.

• Life as a Data Protection Manager at Genuine Parts Company
• Provide advice and guidance to our employees on all aspects of privacy and data protection
• Foster a positive data protection culture within your business area
• Develop, implement, maintain, and monitor privacy and data protection policies, processes and controls
• Conduct audits to ensure privacy and data protection compliance and proactively address potential privacy and data protection issues
• Track and report key performance indicators to your stakeholders on a regular basis
• Participate and advise on security incidents and investigations or privacy complaints and undertake reporting and remedial actions as necessary
• Use your current knowledge and keep abreast of evolving privacy and data protection regulations, laws, and policies
• Maintain up-to-date reporting, and deliver updates to leadership
• 5+ years’ experience related to privacy and data protection
• 5+ years’ experience with the General Data Protection Regulation, as well as other global privacy laws, regulations, and industry guidelines
• Knowledge of and interest in emerging technologies and devices
• Knowledge of and interest in privacy and data protection concern
• Experience working collaboratively with cross-functional teams
• Sharp focus on multi-tasking, details, and organizational skills
• Provide leadership and champion organizational change; encourage participation in activities that support relationship development; champion information security innovation; encourage and enforce proper training regarding security issues

Qualifications:

• We anticipate the suitable candidate will bring between 10+ years’ experience in a data protection or compliance role, with a robust understanding of the core elements of data protection law/regulation and the interface with digital and logical security
• Strong attention to detail with the ability to produce high quality reports and presentations
• Strong communication skills
• Experience and understanding of working with data
• Experience in operational data protection and/or privacy audit, mix of operational experience (running large, cross-functional projects in global firms), privacy experience (familiarity with GDPR) and technical familiarity (comfort discussing the basics of data processing technologies)
• Ability to synthesize regulations and guidance and translate into practical operational guidance
• Hands-on experience with the GDPR, as well as other global privacy laws, regulations, and industry guidelines, especially including those relevant to social media and Internet companies
• Experience conducting impactful reviews (audits, process evaluations, gap assessments, due diligence, six sigma, etc.)
• Industry certifications relating to security, privacy, and risk management, such as CIPP, CIPM, CIPT or Information security certifications such as CISM, CISSP, CISA, and CRISC

Where permitted by applicable law, successful applicants must be fully vaccinated against COVID-19 prior to start date. COVID-19 vaccination is a condition of employment, subject to an approved accommodation, and proof of vaccination will be required on or prior to start date.

GPC conducts its business without regard to sex, race, creed, color, religion, marital status, national origin, citizenship status, age, pregnancy, sexual orientation, gender identity or expression, genetic information, disability, military status, status as a veteran, or any other protected characteristic. GPC’s policy is to recruit, hire, train, promote, assign, transfer and terminate employees based on their own ability, achievement, experience and conduct and other legitimate business reasons.