Your Impact
The primary purpose of this position is to partner with the Privacy Officer to lead and execute on complex support activities in the design and administration of an enterprise-wide privacy program. Major responsibilities include designing and executing privacy awareness campaigns, managing the enterprise privacy impact assessment program and analyzing privacy issues, monitoring changes to the regulatory landscape, designing, implementing and improving privacy compliance processes and controls, and managing key aspects of the Lowe's data subject request processes.
What you will do
- Work directly with Privacy Officer and business stakeholders to manage privacy program operations. Draft and maintain privacy policies and standard operating procedures on the collection, use, and sharing of personal information.
- Manage and improve the company's ongoing privacy compliance monitoring program to ensure the company maintains proper notice, obtains sufficient consent, responds to privacy inquiries, maintains sufficient contractual or policy guardrails, and follows the best privacy practices. Oversee the process to validate the current privacy controls are functioning properly and coordinate key stakeholders to remediate findings.
- Manage the enterprise privacy impact assessment intake program and platform. Conduct initial privacy impact assessments. Streamline the privacy impact assessment process, enhance the assessment comprehensiveness, and improve the platform's usability and reportability.
- Manage various privacy program platforms that support data subject requests, privacy impact assessment intake, privacy issue tracking and triaging and compliance validation documentation. Collaborate with IT to improve the system functionalities. Generate metrics and reports to measure program effectiveness.
- Engage key stakeholders on privacy issues, including the implementation of Privacy policies, procedures, and requirements, to ensure business functions are aware of and compliant with corporate privacy policies and procedures. Manage privacy controls by leveraging industry privacy frameworks (e.g. NIST Privacy Framework), documenting existing controls and enhancing program maturity based on the industry standard.
- Liaise and engage with various business units to identify programs with privacy impacts. Design and execute privacy awareness campaigns. Coordinate with various business stakeholders to integrate privacy operations into business processes.
- Identify, research, and evaluate known and potential privacy risks and compliance risks across the Company. Perform fact gathering, analyze privacy issues and execute privacy compliance controls on a day-to-day basis.
- Take the lead in operationalizing compliance efforts for major regulatory developments, including state privacy laws. Serve as the main liaison between privacy legal and privacy technology teams to implement the necessary IT changes. Research and assist the Privacy Officer to evaluate the impact of U.S. and international legislative, regulatory, legal developments, and industry guidelines involving privacy and security.
- Oversee and coach team members to manage privacy mailboxes and triage issues. Engage key stakeholders to resolve issues. Oversee the management of the standardized response templates when appropriate. Recommend proposed responses to requestors with complicated requests. Generate issue metrics for risk identification and management.
- Maintain the company's personal information data inventory and record of processing activities. Maintain records of key activities that have privacy impacts.
- Manage key aspects of Lowe's data subject request processes in the US. Review and enhance process flows to increase efficiency. Oversee the data subject response process from the Privacy team.
Want more jobs like this?
Get Business Operations jobs in Huntersville, NC delivered to your inbox every week.
Required Qualifications:
- Bachelors Degree
- 9 years of relevant privacy professional experience
- Knowledge and experience in information privacy, data security, information technology and regulatory compliance
- Very strong computer skills including Microsoft Office Suite
- Demonstrated organization, facilitation, communication, and presentation skills at the executive level
- Thorough knowledge of federal laws and directives pertaining to information privacy and security
- Experience working in a corporate law department
- Experience with matter management systems
- Additional work experience may be substituted for the degree requirement
- Paralegal Certificate
Preferred Qualifications:
- Certified Information Privacy Professional Certification
About Lowe's
Lowe's Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2023 sales of more than $86 billion, Lowe's operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe's supports the communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit Lowes.com.
Lowe's is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.
Starting rate of pay may vary based on factors including, but not limited to, position offered, location, education, training, and/or experience. For information regarding our benefit programs and eligibility, please visit https://talent.lowes.com/us/en/benefits.