Privacy Risk Program Manager

Organization: Facebook

Location: Menlo Park, Washington, California, District of Columbia United States

Keywords: Privacy, Program Manager, Risk

Job Type: Full-Time

<< Back to Job-Board
Learn More

Facebook strives to honor people’s data in everything we do, and ensure that data is used in a legal and authorized manner. Understanding that there is limitless potential for the use of personal data, Facebook is committed to the development of a robust Global Privacy Team that is ready to take on the challenge of safeguarding and preserving the privacy choices of every individual user. The Privacy Risk Program Manager will be a critical part of Facebook’s Central Privacy Program and be responsible for Privacy Risk Management related efforts.

Our organization is responsible for the design, implementation, monitoring, and maintenance of the company’s Privacy Program. We develop frameworks to ensure people’s privacy is at the center of our products and services, and that we’re complying with our regulatory obligations — all while maintaining Facebook’s core culture. We partner with teams from every org to better document our current practices, scale our safeguards, and identify gaps; and together, we are building an industry-leading privacy compliance program.

The Privacy Risk Program Manager will join the Privacy Risk Management team of Risk and Privacy Professionals that work across Facebook’s products teams, business groups, and Privacy Organization to assess and manage risk in order to protect user data. This role requires working closely with internal partners to identify, measure and manage privacy risks associated within their environments. The ideal person will have proven risk management skills, patience, attention to detail, be self-motivated, and have a collaborative and positive attitude.
Privacy Risk Program Manager Responsibilities
  • Support the design, build and execution of industry leading risk management programs, including risk assessments, risk modeling, risk treatment strategies, reporting and monitoring.
  • Interpret data processing activities, systems and operational practices in order to understand and interpret our risk environment.
  • Conduct Privacy Risk assessments by analyzing the current risks and identifying potential risks that are affecting the business and product groups.
  • Perform Privacy Risk evaluation across the company’s business and product groups handling of risks.
  • Prepare reports of identified and assessed risks to the management.
  • Support the process for determining appropriate risk tolerance across our risk profile.
  • Providing thought partnership, risk analytics (e.g. return on Risk Mitigation investments), and recommendations around remediation, risk mitigation, or process improvement to risk owners, Compliance or other control-related functions, as well as Leadership.
  • Consult and coordinate with Compliance on the creation and monitoring of risk mitigation or treatment plans.
  • Manage relationships both internal and external to the privacy organization.
  • Effectively communicate and interface with internal stakeholders, as well as colleagues and business partners.
  • Exercise excellent people skills, be a team player with a bias to action.
  • Be motivated by the opportunity to solve privacy problems within an operations environment.

Qualifications

Minimum Education Level: Bachelor's

Minimum Qualifications
  • Experience in designing, building and scaling risk processes, with experience getting things done and overcoming obstacles.
  • Experience influencing stakeholders and engineers, including “roll-up the sleeves” type of collaboration within a diverse, global, cross-functional team.
  • Experience in end-to-end strategy to implementation, navigating business structures while maintaining confidentiality and discretion.
Preferred Qualifications
  • 10+ years experience in the area of risk management, data privacy, security, audit and data governance in an information technology environment
  • Bachelor’s degree in Risk Management, Engineering, Information Systems, Business or another related field of study
  • Analytical and problem-solving experience with large-scale systems, and experience interpreting bottlenecks in complex systems and partnering with teams to resolve architectural issues, with experience adapting to new technology and participating in design discussions
  • Knowledge of Product Development Life Cycles (PDLC)
  • Industry certifications relating to security, privacy, and risk management, such as CIPP, CIPM, CIPT or Information security certifications such as CISM, CISSP, CISA, and CRISC
  • Working knowledge or willingness to quickly learn the content and requirements of various laws, regulations, industry guidance, and company compliance policies, particularly related to privacy, data disclosure, and cybersecurity
  • Demonstrate data analytical skills, creativity, and experience working with attention to detail
  • Experience maintaining open, candid, and trusting work relationships
Learn More
Posted: March 4, 2021
<< Back to Job-Board