University Privacy Program Manager
The Office of Institutional Compliance within the Office of Audit, Risk, and Compliance (OARC) is looking for an enthusiastic and energetic professional for a full-time privacy position. George Mason University has a strong institutional commitment to the achievement of excellence and diversity among its faculty and staff, and strongly encourages candidates to apply who will enrich Mason’s academic and culturally inclusive environment.
About the Department:
The Office of Audit, Risk, and Compliance (OARC) provides risk-based assurance services through independent and objective internal audits; advisory activities; and planning and oversight of the university’s enterprise risk management process and the institutional compliance, ethics, and privacy programs. The Office is designed to fulfill the fiduciary responsibilities of the Audit, Risk, and Compliance Committee of George Mason University’s Board of Visitors.
About the Position:
Under the overall oversight of the Associate Vice President for Compliance and Ethics (AVP), this position will:
- Assist the AVP in the development, leadership, and implementation of a high quality, coordinated, risk-based Institutional Privacy Program as part of the Institutional Compliance and Ethics Program for Mason. (Note: “Privacy” relates to the university’s collection, use, storage, sharing, transmission, deletion, and otherwise processing of personal data related to an identified or identifiable individual);
- Assessment of privacy processes and practices, and facilitation of improvements to those processes and practices at the institutional and distributed levels;
- Continuous strengthening and maturation of Mason’s culture, processes, and practices related to privacy, and communication and training to support privacy;
- Investigation of allegations related to potential privacy matters; and
- Assistance with ongoing activities of the overall Institutional Compliance and Ethics Program.
Responsibilities:
- Monitors and evaluates privacy obligations affecting institutions of higher education;
- Facilitates and executes regular assessments of risks, processes, and practices associated with privacy and other compliance obligations at the institutional and distributed levels that consider, among other things, likelihood, impact, and velocity of risk;
- Guides/supports risk owners in their design and implementation of behaviors and actions to promote and implement improved privacy and compliance processes and practices;
- Implements ongoing communications, training, and education activities to ensure Mason employees are well-informed about privacy and compliance requirements, and the processes and practices to meet those requirements;
- Conducts or coordinates the performance of investigations related to allegations of non-compliance with respect to privacy or compliance requirements;
- Assists in the development of institutional privacy and compliance policies, processes, and practices; and
- Supports and assists the Associate Vice President in the implementation of the overall Institutional Compliance and Ethics Program.
Required Qualifications:
- A bachelor’s degree in combination with relevant experience or any combination of education and experience equivalent to an advanced degree (such as a master’s degree or law degree) in a relevant field.
- Knowledge, skills, and abilities a new employee should bring to this position:
- Knowledge of relevant legal and regulatory requirements, standards, principles, and practices relating to privacy that govern public institutions of higher education, such as FERPA, HIPAA, GLBA, and GDPR; familiarity with Virginia-specific requirements is beneficial;
- Advanced skills in the areas of oral and written communication, relationship-building, collaboration, and problem-solving;
- Demonstrated ability to effectively influence without authority;
- Demonstrated ability to work independently and with limited resources, and to manage multiple projects with cross-functional team members;
- Demonstrated ability to effectively translate legal and regulatory requirements into clear and effective communications, policies, processes, and practices;
- Demonstrated analytical skills with the ability to identify and assess complex privacy issues, and to identify and facilitate improvements to processes and practices;
- Demonstrated continuous improvement mindset with a customer-centric mindset; and
- Certified Compliance and Ethics Professional (CCEP)© certification, equivalent privacy certification, or ability to obtain certification within 1 year (12 months) of hire.
Special Instructions to Applicants
For full consideration, applicants must apply for position number FA01KZ at https://jobs.gmu.edu/; complete and submit the online application; and upload a cover letter, resume, and a list of three professional references with contact information.
George Mason University is an equal opportunity/affirmative action employer, committed to promoting inclusion and equity in its community. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any characteristic protected by law.