Iron Mountain Director, Privacy, Data Protection & Compliance in Boston, Massachusetts
At Iron Mountain we protect what our customers value most, from the everyday to the extraordinary, while helping them bridge the physical and digital world. Our people have the opportunity to bring their creativity to a workplace that thrives on change. Here, you will be part of a team that doesn’t just embrace what’s exceptional. It creates exceptional.
Leads Privacy function within Global Privacy and Compliance function. Functions as an independent and objective legal advisor to business partners that identifies and evaluates data privacy compliance issues. Provides subject matter expertise and designs corporate privacy trainings; monitors legal and regulatory trends. Enables business and helps to protect the privacy of all stakeholders, including employees, customers, suppliers, and members of the public.
Design global data privacy strategies and lead efforts to comply with relevant privacy and data protection laws in various jurisdictions - including Asia.
Provide legal expertise on interpretation and application of data protection laws.
Design and implement strategies to enable intra-company and cross-border data transfers.
Understanding of data privacy issues relating to data storage and IT infrastructure.
Draft, review, and implement company-wide privacy related policies, procedures and controls; adjust policies and procedures to reflect latest developments in privacy globally.
Scope and perform periodic data privacy risk assessments, mitigation and remediation, including data control design and monitoring, as well as the mitigation of privacy and security risks.
Strategically advise on the development of new services or enhancements to existing services to ensure “privacy by design” and “privacy by default” principles.
Support HIPAA risk assessment and company’s compliance obligations as a HIPAA Business Associate.
Provide support and guidance to investigations and security teams to enable compliance with privacy laws when transferring or analyzing data.
Provide privacy and data protection issue spotting and advice for ethics hotline reports.
Support contract negotiation and drafting for complex privacy and data protection issues.
Design training courses for privacy and data protection, including annual company-wide Privacy and Data Protection training.
Provide support to M&A team for privacy and data protection topics. Work with country management, functional leaders and business leaders to formalize, implement and maintain privacy compliance policies and procedures and to ensure compliance training is completed.
Coordinate with Internal Audit to conduct periodic assessments of the effectiveness and performance of company’s privacy compliance program.
Functional Knowledge, Skills, and Competencies:
8+ years global privacy legal experience advising on data privacy laws compliance and regulatory risks management, including experience managing a global privacy compliance program
Significant experience managing privacy and data protection requirements for a diverse array of physical and digital data with broad global reach.
High-level proficiency in data protection laws and regulations globally.
Experience designing and managing privacy risk assessments.
Outstanding written communication and proofreading skills, particularly with executive-level communications.
Ability to work independently and lead experienced attorneys and multiple diverse projects.
Ability to plan, organize and prioritize a varied, heavy, and continually expanding workload.
Ability to communicate effectively and professionally both verbally and in writing, with all levels of management up to and including the General Counsel and CEO.
Ability to maintain confidentiality of customers, employees and proprietary information.
Outstanding written and oral skills.
Superior report writing and presentation skills.
Unquestionable ethics and integrity.
Desire to work and collaborate in a team environment.
Strong interpersonal skills; team player with ability to deal effectively with individuals at all levels.
Demonstrated ability to produce high-quality work in a timely fashion and provide effective guidance on legal issues to business clients.
# LI - Remote
Category: Legal Group
Iron Mountain is committed to a policy of equal employment opportunity. We recruit and hire applicants without regard to race, color, religion, sex (including pregnancy), national origin, disability, age, sexual orientation, veteran status, genetic information, gender identity, gender expression, or any other factor prohibited by law.
To view the Equal Employment Opportunity is the Law posters and the supplement, as well as the Pay Transparency Policy Statement, CLICK HERE