Privacy Compliance Consultant - Erie Insurance
Erie, PA 16501
About the Job
Office of the Secretary of General Counsel
Department of Position: Privacy & Third Party Risk Dpt
Work from:
Home Office, Erie PA Salary Range:
$95,478.00-$152,516.00*
salary range is for thislevel and may vary based on actual level of role hired for
*This range represents a national range and the actual salary will depend on several factors including the scope and complexity of the role and the skills, education, training, credentials, location, and experience of an applicant, as well as level of role for which the successful candidate is hired.Position may be eligible for an annual bonus payment.
At Erie Insurance, you're not just part of a Fortune 500 company; you're also a valued member of a diverse and inclusive team that includes more than 6,000 employees and over 13,000 independent agencies. Our Employees work in the Home Office complex located in Erie, PA, and in our Field Offices that span 12 states and the District of Columbia.
Benefits That Go Beyond The Basics
We strive to be Above all in ServiceĀ® to our customers-and to our employees. That's why Erie Insurance offers you an exceptional benefits package, including:
- Premier health, prescription, dental, and vision benefits for you and your dependents.Coverage begins your first day of work.
- Low contributions to medical and prescription premiums.We currently pay up to 97% of employees' monthly premium costs.
- Pension.We are one of only 13 Fortune 500 companies to offer a traditional pension plan. Full-time employees are vested after five years of service.
- 401(k) with up to 4% contribution match.The 401(k) is offered in addition to the pension.
- Paid time off.Paid vacation, personal days, sick days, bereavement days and parental leave.
- Career development.Including a tuition reimbursement program for higher education and industry designations.
Additional benefits that include company-paid basic life insurance; short-and long-term disability insurance; orthodontic coverage for children and adults; adoption assistance; fertility and infertility coverage; well-being programs; paid volunteer hours for service to your community; and dollar-for-dollar matching of your charitable gifts each year.
Position Summary
Designs, develops, implements, administers and documents activities of the privacy compliance function. Participates in and completes moderate-to-complex special projects that involve processes related to information privacy. Investigates information privacy incidents and assists with incident response, develops and delivers training and awareness programs, and assists with the development and monitoring of company policies, standards and procedures related to information privacy.
- The Hiring Manager will also consider candidates for a Senior Privacy Compliance Generalist. Level of position offered will be based upon the depth and breadth of selected candidate's experience and qualifications.
Duties and Responsibilities
Manages and facilitates training awareness activities to enhance understanding of data protection and privacy requirements.
Leads incident management and investigation efforts regarding potential and/or actual security/privacy incidents.
Coordinates privacy impact assessments and works with stakeholders to ensure compliance with regulations and other requirements.
Assists with the development, effectiveness, and compliance of information security and privacy policies and procedures.
Maintains a thorough understanding of ERIE's business practices and operations and assesses the application of applicable policies and standards to those operations.
Applies and maintains a strong working knowledge of applicable federal and state privacy laws, regulations and rules.
Researches, investigates, and resolves moderate to complex privacy compliance issues and recommends actions to support compliance with privacy related requirements.
Plans and leads meetings with Employees and management to evaluate and recommend appropriate response to new privacy laws and regulations, and moderate to complex existing privacy compliance matters.
Communicates the mission and objectives of the privacy compliance function. Maintains and updates information on ERIE's web sites specific to information security and privacy policies and procedures.
Identifies resources to educate and train managers and Employees on the handling of restricted and confidential data during data lifecycle.
Develops, maintains, and enhances tools to monitor projects, issues and inquiries.
Grows professionally by focusing on continuous improvements and staying abreast of privacy and cybersecurity issues and best practices.
The firstfour duties listed are the functions identified as essential to the job. Essential functions are those job duties that must be performedin order forthe job to be accomplished.
This position description in no way states or implies that these are the only duties to be performed by the incumbent. Employees are required to follow any other job-related instruction and to perform any other duties as requested by their supervisor, or as become evident.
Competencies
Values Diversity
Detail Orientation
Nimble Learning
Self-Development
Collaborates
Customer Focus
Job-Specific Knowledge
Cultivates Innovation
Instills Trust
Optimizes Work Processes
Decision Quality
Ensures Accountability
Qualifications
Minimum Required Education Equivalents
Bachelor's degree and seven years-experience in property/casualty insurance, life insurance, healthcare insurance, financial services, or other regulated business or industry with a similar work environment; or
Associate's degree and/or Paralegal Degree/Certificate and nine years-experience in property/casualty insurance, life insurance, healthcare insurance, financial services, or other regulated business or industry with a similar work environment; or
High school diploma or GED and eleven years-experience in property/casualty insurance, life insurance, healthcare insurance, financial services, or other regulated business or industry with a similar work environment.
Willingness to pursue relevant designations or training, such as
Certified Information Privacy Professional (CIPP),
Certified Information Privacy Technologist (CIPT),
Certified Information Privacy Manager (CIPM),
Certified Information System Auditor (CISA),
Certified Information Systems Security Professional (CISSP)
Working knowledge of regulatory processes preferred .
Knowledge of privacy compliance concepts preferred .
Knowledge of information security, practices, and security frameworks preferred .
General understanding of IT risk management and mitigation controls, data governance, and regulatory controls and compliance
Strong understanding of business processes, internal controls including IT and how they interact together preferred .
Proficiency with word processing and spreadsheet software required .
Familiarity with database software and SharePoint preferred .
Occasional overnight travel required .
All Employees with a telecommuting arrangement in which they consistently work remotely during part, or all, of their work schedule must have in their regular remote work location, access to business class internet service providing 3 megabytes (3 MBs) or more of bandwidth. For this purpose, business class internet means internet service with a static IP address, dedicated connections and guarantees or service level agreements (SLAs) addressing relevant performance characteristics. The internet service bandwidth requirement is subject to revision from time to time based on the requirements of ERIE's systems.
Physical Requirements
Climbing/accessing heights; Rarely
Lifting/Moving 0-20 lbs; Occasional (
Lifting/Moving 20-50 lbs; Occasional (
Ability to move over 50 lbs using lifting aide equipment; Rarely
Driving; Occasional (
Pushing/Pulling/moving objects, equipment with wheels; Rarely
Manual Keying/Data Entry/inputting information/computer use; Frequent (50-80%)