Legal Compliance Manager – Privacy Team

Job Description: • Partner with the Director of Enterprise Incident Response to implement and maintain an effective incident response program • Lead the research, management, and resolution of privacy issues presented to the Privacy Office • Design and deliver privacy compliance training programs; perform auditing and monitoring activities to ensure ongoing adherence to regulatory requirements and internal policies • Prepare and issue required notifications to clients, business partners, and government regulators in accordance with applicable laws. • Monitor the performance of the incident response program while taking appropriate steps to improve its effectiveness • Act as an advisor to the business in all aspects of incident response and other privacy-related questions (risk assessment, regulatory reporting, etc.) • Serve as a subject matter expert and compliance resource for internal and external partners. • Collaborate with other departments to direct compliance issues to appropriate existing channels for investigation and resolution • Respond to cybersecurity and privacy incidents, complaints received from customers, third parties, regulators and areas of the business • Assist with the investigation of such incidents in a consistent, uniform manner • Monitor, and as necessary, coordinate incident response activities of other departments to remain abreast of the status and to identify trends. • Manage a team of Sr. Analysts responsible for handling day-to-day and large privacy incidents, ensuring thorough investigation, careful documentation, and timely resolution of incidents in a high-volume, fast-paced environment. • Collaborate with Privacy Legal and Compliance Operations, IT, arenaflex Information Protection, and Enterprise Risk Management, and other stakeholders to ensure coordinated incident handling and timely resolution. • Partner with arenaflex Information Protection team to test and execute the cyber-incident response playbook for key clients. • Lead key client relationships to ensure all contractual and costly performance guarantees are met, including reporting incidents in accordance with the contract and perform ongoing daily communication with clients until incident is closed. • Support strategic compliance initiatives, including internal and external audits, policy development, and employee training. Requirements: • Bachelor’s degree • 5+ years of experience managing large privacy incidents. • Healthcare and/or PBM privacy and compliance experience required • Demonstrated experience leading teams and driving incident management processes. • Strong analytical, communication, and interpersonal skills; proven ability to work cross-functionally and influence stakeholders. • Knowledge of State and Federal breach notification laws, including HIPAA. • Demonstrated competency with privacy management software and incident tracking tools. • Ability to manage multiple priorities in a fast-paced, matrixed environment and adapt to evolving regulatory requirements. Benefits: • medical, vision, dental, and well-being and behavioral health programs • 401(k) • company paid life insurance • tuition reimbursement • a minimum of 18 days of paid time off per year • paid holidays Apply tot his job Apply tot his job