Privacy Manager

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking a Manager, Privacy & Risk Management to join our Global Quality and Risk Management group which is part of KPMG International.

Responsibilities:

• Manage KPMGI's Schrems II Transfer Impact Assessment ("TIA") processes and documentation; updating KPMGI's TIA framework when necessary; this includes working with application owners and other stakeholders to manage KPMGI's privacy risk by conducting TIAs for KPMGI's global applications and documenting the analysis in the OneTrust Technology Tool
• Act as a privacy subject matter expert on the General Data Protection Regulation (GDPR) and other privacy regulations with respect to cross-border transfers of personal data; this includes providing support in the creation of KPMGI's Privacy Program policy, guidance, and training materials
• Provide guidance and act as a point of escalation for more junior privacy resources with respect to various privacy compliance tasks, such as Data Subject Requests and Regulatory Inventory requirements
• Help manage KPMGI's response to Internal Audit of Privacy Controls and other privacy compliance queries
• Manage various operational activities and privacy projects, collaborating with other teams and stakeholders within the KPMG global organization to support KPMGI's Risk Management Framework

Qualifications:

• Minimum five years of experience in one or more of the following areas: privacy, information protection, data protection, privacy risk management, enterprise risk management, privacy operations, legal privacy, and compliance, within a corporate environment, government organization, legal/consulting firm (global organizations preferred)
• Bachelor's degree from an accredited college/university
• Familiarity with Schrems II Transfer Impact Assessment ("TIA") requirements or equivalent experience with similar privacy activities; familiarity with risk management and privacy frameworks and standards (e.g., COBIT, NIST, ISO 27001, ISO 3100)
• Understanding of the General Data Protection Regulation (GDPR) and other privacy regulations with respect to cross-border transfer of personal data
• Experience with OneTrust Data Mapping or Privacy Impact Assessment modules highly desired, but not required; experience with Privacy Management, Risk Management, or other Governance, Risk & Compliance ("GRC") systems like OneTrust, TrustArc, RSA Archer, ServiceNow or others a plus
• Relevant Privacy, Information Protection or Risk Management certification (e.g., IAPP, CIPP, CIPM, CIPT, CRISC, CISSP, CISM and CISA) desired, but not required

KPMG complies with all local/state regulations in regards to displaying salary ranges. If required, the salary range(s) are displayed below and are specifically for those potential hires who will perform work in or reside in the location(s) listed, if selected for the role. Any offered salary is determined based on internal equity, internal salary ranges, market-based salary ranges, applicant's skills and prior relevant experience, certain degrees and certifications (e.g. JD, technology), for example.

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.

KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law. In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site).