Data Privacy Program Manager
Full Time Job
World Wrestling Entertainment Inc. (WWE) with headquarters located in Stamford, Connecticut is seeking a Data Privacy Program Manager to support the company's data protection and regulatory requirements initiatives. The successful candidate will have broad experience and understanding in data privacy regulations and concepts relating to data management, IT risk management and information security
The Data Privacy Program Manager will be responsible for managing WWE's high-risk privacy and data protection requirements, in support of California Consumer Protection Act (CCPA) initiatives. These privacy programs include management of WWE's data inventory and lifecycle, consent processes and online privacy requirements, consumer & marketing management activities, and supporting security management initiatives.
The role of the Data Privacy Program Manager will be responsible for developing plans and strategies, including driving program improvements to support CCPA. Additionally, the role of the program manager will assist in the development of data security policies, work closely with WWE's internal Legal Affairs and Information Security divisions, and work across multiple lines of business that handle personal information.
• Support WWE's privacy compliance program and CCPA short / long term goals.
• Work collaboratively with Information Security and Risk Management to prioritize compliance and risk remediation efforts.
• Work with WWE's designated Data Privacy Officer (DPO), Information Security, Enterprise Technology and Legal Affairs departments to ensure consistent application of data privacy policies and practices.
• Ensure the successful development, implementation, and sustainment of CCPA compliance by allocating privacy resources and prioritization of compliance tasks such as data handling, retention, and deletion.
• Identify data compliance risks and improvement opportunities, working collaboratively with all stakeholders to address appropriate mitigation strategies.
• Schedule data privacy stakeholder interviews and Privacy Impact Assessments. Ensure the accuracy of interview documentation, record inventories, and understanding of data management practices.
• Track vendor management data processing procedures and process flows.
• Support consumer privacy training and awareness programs to stakeholders that handle personal information, and monitor completion progress.
• Monitor the alignment of WWE's privacy practices with regulatory requirements and track consent, such as data subject access request, intake, and response control mechanisms to provide for timely responses to exercise rights requests.
• Report weekly on Key Performance Indicators (KPIs) and as needed for escalation purposes.
• Four-year degree in computer science or related combined work/education experience.
• Three to five years of experience managing information security compliance programs.
• A minimum five years of project management experience in a corporate setting.
• Certified Information System Auditor (CISA), Certified Information Security Manager (CISA) or other equivalent certification in Data Privacy.
• Ability to analyze complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner.
• Experience with NIST and ISO/IEC 27001 frameworks and audits.
• Familiarity with European Data Privacy requirements (e.g. GDPR) a plus.
• Strong verbal and written communication skills.
• Excellent interpersonal skills.
• Strong attention to detail, well-organized, and able to manage time efficiently.
• Team player with ability to deal effectively with individuals at all levels.
• High degree of initiative requiring little or no supervision, sound judgment, and the ability to prioritize assignments, solve problems, and meet deadlines.
• Ability to produce high-quality work in a timely fashion in a fast-paced environment.