Associate Principal - Chicago, United States - The Judge Group

    The Judge Group
    The Judge Group Chicago, United States

    4 weeks ago

    The Judge Group background
    Description

    This is a direct hire position and hybrid to downtown Chicago.

    Responsibilities:

    • Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids
    • Identification, implementation, and use of technologies to support program objectives and classification standards
    • Execution of controls and risk assessments (e.g., third-party risk, privacy, data protection)
    • Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident.
    • Creation and execution of strategies to identify information across the organization and throughout its lifecycle
    • Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings
    • Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk
    • Development and maintenance of the organizations Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of legacy information
    • Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems
    • Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program

    Qualifications:

    • The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
    • Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy
    • Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains
    • Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships
    • Strong experience in building the capabilities for auto data classification, data security and data protection.
    • Experience with classification standard definitions and settings
    • Experience with Privacy requirements and work with personal information and its protection
    • Strong strategic thinking, problem solving, and analytic skills
    • Utilize metrics as means to improve performance
    • Ability to adapt to change in emerging environments and work across multiple areas
    • Experience in developing policies and procedures
    • Experience in project management, project execution, and managing multiple priorities in a timeline driven environment
    • Experience working in a highly regulated environment including an understanding of audit and compliance requirements
    • Understanding of and interest in technology selection and implementation
    • Experience in Information Security related policy, procedure and control writing
    • General understanding of information technology and risk management concepts
    • Ability to work independently and as a member of a team, proficient in collaborating with internal business clients from different departments and at various levels of seniority
    • Proficient in gathering, analyzing, and evaluating facts and preparing/presenting concise oral and written data analysis and reports
    • Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc.

    Education and/or Experience:

    • Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience
    • 5 or more years of applicable work experience
    • Previous work with information or data governance control activities in the financial services industry.
    • Experience in the financial services industry

    Certificates or Licenses:

    Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)