30 days old

Data Protection Officer

Irvine, CA 92618
  • Job Code

Why You're Here

Arbonne is looking for an experienced Data Protection Officer (DPO) to satisfy its obligations under the European Union (EU) General Data Protection Regulation (GDPR) and California Consumer Privacy Account (CCPA).

The DPO will have formal responsibility for data protection compliance and privacy within the company and will monitor compliance and data practices internally to ensure the business and its functions comply with applicable requirements. The DPO will be responsible for staff training, data protection impact assessments, and internal audits. The DPO will also serve as the primary contact for regulatory agencies and those individuals whose data is processed by the organization.

What You'll Be Doing

This role will work closely with the Legal, Compliance, Governance and Information Security functions to develop and monitor policies and standards applicable to the business and in compliance with the GDPR and CCPA.

Job duties will include:

  • Monitor compliance with the GDPR, CCPA, and other applicable data protection laws as well as policies established by controllers or processors for the protection of personal data
  • Establish a privacy governance framework to manage data use in compliance with the GDPR, CCPA and other applicable regulations, including developing templates for data collection, assisting with data mapping, and vendor management reviews.
  • Ensure Arbonne's IT systems and procedures comply with all relevant data privacy and protection laws, regulations and policies, including in relation to the retention and destruction of data.
  • Work with key internal stakeholders in the review of projects and related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments.
  • Serve as the primary point of contact and liaison for external supervisory and data protection authorities and regulatory agencies on all data protection related matters under the GDPR.
  • Serve as the primary point of contact for the internal business regarding data privacy rules, best practices, and requirements, and manage internal data protection activities.
  • Elevate awareness within the organization about compliance requirements and train internal staff involved in data processing activities and operations.
  • Review vendor contracts (including Model Clauses) and consents needed to implement projects in partnership with the procurement function and ensure filing requirements with local regulators are achieved.
  • Manage and conduct ongoing reviews of Arbonne's privacy governance framework including any relevant policies applicable to data privacy, or relevant Binding Corporate Rules (BCR).
  • Monitor changes to local privacy laws and make recommendations when appropriate.
  • Establish standards and review policies and procedures globally that meet the requirements of the GDPR, CCPA and any local requirements in relevant jurisdictions.
  • Develop and deliver privacy training to various business functions.
  • Advise on data protection impact assessments and develop strategies and initiatives to ensure engagement with key internal and external stakeholders.
  • Coordinate and perform internal data privacy audits to ensure compliance.
  • Collaborate with the Information Security team to provide guidance and raise employee awareness regarding data privacy and security issues and provide relevant training.
  • Collaborate with the Information Security team to maintain records of all data assets and exports, and maintaining a data privacy and security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications, respond to regulatory agencies, and respond to subject access requests (SARs).

What You Need

  • 5 years' experience within a compliance, legal, audit and/or risk function, with recent experience in privacy compliance.
  • At least 2 years' experience with GDPR and working knowledge of CCPA.
  • Experience in developing policy and compliance training.
  • Experience working in a regulated industry preferred, particularly multi-level marketing.
  • Education Bachelor's Degree required. Law degree from an accredited law school strongly preferred.
  • At least one Data Protection and/or Privacy certification such as, CIPP, CIPT, ISEB, etc., (preferred).

Skills and Abilities

  • Strong knowledge of EU data privacy and data protection regulation, and a solid understanding of other major privacy frameworks and evolving legislation.
  • Knowledge of information technology and data management systems required. Mature, professional and sound interpersonal skills. Ability to communicate and interact effectively with people at all organizational levels.
  • Ability to work independently in a fast paced and quickly moving environment undergoing change.
  • Strong change and project management skills, including the ability to manage time well, prioritize effectively, and manage multiple deadlines effectively.
  • Ability to handle confidential and sensitive information with appropriate discretion and sound judgment. High ethics are required, plus the ability to effectuate change and identify noncompliance even if unpopular.
  • Excellent writing and presentation skills.

Additional Requirements

  • Some international travel is required, including coordination with parent company located in Europe.
  • The statements contained in this position description are not necessarily all-inclusive; additional duties may be assigned, and requirements may vary from time to time.

Arbonne International is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sexual orientation, national origin/ancestry, age, sexual orientation, gender identity, gender expression, military/veteran status, marital status, disability status or any other basis prohibited by law. At Arbonne International it's about each person bringing passion and skills to a dynamic and inclusive workplace!



Posted: 2020-07-10 Expires: 2020-08-10

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Data Protection Officer

Irvine, CA 92618

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast