Project Specialist, Privacy Operations - Customer Operations Regulatory & Compliance

Overview

The Privacy Operations team works to enhance the enterprise privacy program supporting both Con Edison and Orange & Rockland in response to growing customer expectations, risk management imperatives, and current/evolving legal obligations around the collection, storage, processing, and sharing of personal data. In partnership with Enterprise Technology Services, the team is responsible for implementing and managing the necessary processes and tools, as well as the privacy technology platform OneTrust.

The Project Specialist will be the teams lead for operations, communications, and reporting. This includes managing programs such as data privacy assessments (PIAs) and customer privacy inquiries (DSARs), responsibility for change management to keep stakeholders engaged and informed about program enhancements, tracking key program metrics and monthly scorecard results, and reporting and presenting about team status across various forums including working groups and leadership meetings.

Responsibilities

• Manage the administration and governance of the Privacy Review process involving issuing and reviewing privacy assessments, leading the review and approval of the assessments by the oversight team that includes Privacy Operations, Privacy Compliance, and Data Governance, and communicating clarification requests and approvals with program and application owners.
• Support timely responses to inbound privacy requests received from customers and external data subjects, as well as from internal stakeholders.
• Track privacy program metrics on a monthly and quarterly basis as required for compliance, regulatory, and leadership-level reporting.
• Plan and facilitate leadership meetings on privacy program status and updates, including escalating needs and issues as needed and securing leadership approval and buy-in surrounding key program decisions.
• Represent the Privacy Operations team in stakeholder meetings and program update presentations, as applicable.
• Document, formalize, and update as necessary standard operating procedures for steady state operations.
• Engage privacy stakeholders across the company to adopt a privacy-by-design mindset through implementation of program processes, procedures, and tools for operationalizing the management of personal data.
• Collaborate with Privacy Compliance, Data Governance, Communications Program Managers, and other stakeholders across the company to build privacy awareness and collaborate on shared privacy and compliance objectives.
• Create, maintain, and implement (when applicable) key project documentation such as a change management strategy and stakeholder registry.
• Develop messaging, communication materials, and project artifacts to proactively engage stakeholders, build awareness, solicit input, and gain alignment to positively influence project outcomes. Maintain and update materials as the program continues to evolve and mature.
• Conduct research and perform benchmarking with utilities and other businesses and organizations like the IAPP to stay informed of new legislation, trends, and best practices.
• Support a customer-centric culture, taking special interest in meeting the needs of external and internal stakeholders.
• Perform other related tasks and assignments as required.

Qualifications

• Master's Degree and 2 years of related work experience or
• Bachelor's Degree and 3 years of related work experience or
• Associate's Degree and 5 years of related work experience or
• High School Diploma/GED and 7 years of related work experience

• Master's Degree and 2 years of related work experience Related work experience includes 2 years of change management, privacy, data, or project experience

• Ability to work independently and collaboratively with stakeholders to drive results and build consensus, required.
• Strong organizational, timemanagement, and attentiontodetail skills; ability to manage multiple priorities and deadlines, required.
• Proven leadership, interpersonal, and written/oral communication skills across all organizational levels, required.
• Experience developing and delivering presentations and creating clear documentation for diverse audiences, required.
• Strong analytical and problemsolving skills, including experience writing reports, business cases, or white papers, required.
• Proficiency in Microsoft Office and related tools (Word, Excel, PowerPoint, Teams, SharePoint), required.
• Experience in privacy, data privacy, or data governance roles, including risk management, compliance, and program implementation, preferred.
• Experience in a regulated environment (e.g., utility industry) and/or using privacy technologies such as OneTrust; supervisory or vendor management experience, preferred.

• Demonstrated problem solving skills
• Effective interpersonal skills
• Project Demonstrated project management skills
• Demonstrates a high commitment to quality
• Ability to drive multiple projects to successful completion

• Driver's License Required
• Other: PMP, CCMP, or Prosci Certifications Preferred
• Other: Agile or Scrum certification(s) Preferred
• Other: OneTrust Privacy Professional certification Preferred
• Other: IAPP CIPP-US, CIPM, or CIPT certification Preferred

• The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
• Must be able and willing to travel as needed.
• Must be able to provide off hours support as required.