Privacy Engineer - Security & Privacy

For Earth For Life

Position is hybrid - In Office Requirement 

Relocation is unable for this position 

Employer Sponsorship is unable for this position 

BASIC PURPOSE AND SCOPE OF POSITION:

This position will support the Security and Privacy Manager in developing and maintaining a comprehensive data governance capability. The Privacy Engineer will lead several efforts pertaining to data governance, data collection practices, and administrative security.  

Kubota North America seeks to add a Privacy Engineer who will report to the Manager of Security and Privacy and will be responsible for supporting Kubota’s data governance initiatives through processes and technologies such as Data Loss Prevention (DLP) platforms. The engineer will work with security leadership and stakeholders to establish and define data governance enforcement policies to be configured across the enterprise. In addition, the candidate will work with key partners including HR, Legal, and other teams across the enterprise to document and implement key activities (to include working with security operations on triage and investigation, escalation of policy breaches and potential/actual instances of data leakage, and reporting .

KEY RESPONSIBILITIES/DAILY DUTIES:  

The Privacy Engineer will be tasked with the following responsibilities/duties, all in accordance with applicable Federal, State and local laws / regulations as well as ratified Kubota policies, procedures, and guidelines:

• Develop and implement solutions to ensure privacy policies are correctly implemented. The implementations should advance compliance with legal forms of data use as well as support business use of data.
• Work to align advanced technologies and Privacy by Design principles from the first stages of development and ensure that the data use meets established regulatory compliance needs. 
• Maintain privacy inventories required by law (vendor, assets and processing activities), designing, creating, maintaining and running Data Privacy Impact Assessment (DPIA  or PIA). 
• Serve as a subject matter expert (SME) on data management and privacy standards such as NIST Privacy Framework, FIPS-199, framework standards NIST CSF, 800-53A, and ISO-27000; as well as regulations NYDFS, CCPA, CPRA, CDPA, GDPR, and FISMA. 
• Collaborate with data product development teams creating new uses of data that employ privacy features.
• Interacting with internal privacy program personnel, product development teams, legal, compliance, governance and data teams. 
• Implement solutions to support the discovery, inventory, and classification of data.
• Analyze, design and program software enhancements for new data streams with a goal of developing technical solutions and systems to help mitigate privacy vulnerabilities and prevent potential future privacy risks.
• Responsible for assisting with the management of the data privacy, data protection, data usability, performance and the integrity of the privacy solution.
• Interact with users to define system requirements and/or necessary modifications to new or existing software. 
• Interface with other developers and architects in implementing data solutions that enable the business to be data driven while protecting the data assets. 
• Interface with usability team to ensure user-facing privacy controls are usable
• Use data anonymization, pseudonymization and encryption to develop systems that preserve and improve privacy protections.
• Guide the development of new privacy products and features.
• Identify areas of improvement in local practices relative to managing data privacy.
• Performs regular privacy assessments of operational processes, identifying, and mitigating risks across the company through effective tools, training and guidance
• Communicates program progress, escalations, and issue analysis to key stakeholders
• Acts as key interface to data science and analytics communities both within and outside of the organization

SPECIAL PROJECTS 

As assigned

MINIMUM QUALIFICATIONS:

EDUCATION, CERTIFICATIONS, AND TRAINING:

• BS or MS degree in computer science, computer engineering, information systems, privacy engineering or related field of study.
• 5 years' experience in privacy / data protection or a graduate degree or concentration in privacy engineering.
• CIPT certification strongly preferred.
• One Trust certification is required.  

• Experience generating and maintaining the Data Subject Access Requests (DSAR’s) environment preferred.
• Experience creating Privacy features related to websites cookie management and website compliance with accessibility rules preferred.
• Excellent communication and presentation skills and the ability to effectively communicate designs, proposals, and results; and negotiate options at management levels.

SKILLS AND BACKGROUND:

• Excellent analytical and problem-solving skills.
• Excellent communication skills (verbal and written), ability to influence without authority.
• Ability to balance risks in ambiguous and complex situations.
• Demonstrated teamwork and collaboration skills, in leading or contributing to global and multi-functional teams.
• Highly motivated to contribute and grow within a complex area of emerging importance.
• Experience or understanding of software applications design tools and languages
• Understanding of design for software applications running on multiple platforms.
• Understanding of testing, coding and debugging procedures.
• Demonstrated working knowledge of software engineering fundamentals.
• Competent in the interpretation of numeric data, an understanding of statistical principles.
• Data literacy: finding and managing data, cleansing data, manipulating data.
• Ability to perform operations on large datasets 

LANGUAGE REQUIREMENTS:  

Must be able to read, write and communicate in English.

EQUIPMENT OPERATION (% of time, description, nature of service):  0%

Office equipment including computer, copier, fax, phone, printer

PHYSICAL REQUIREMENTS:  

Typical office environment.

ADDITIONAL INFORMATION:

DISCLAIMER:

The information provided in the description has been designed to indicate the general nature and level of work performed by incumbents within the classification.  This description is not intended to be a comprehensive inventory of all duties, responsibilities, qualifications and working conditions required of employees assigned to this job/classification.  This job is intended to include the current essential functions of the job.  Management reserves the right to add or modify the duties and responsibilities and to designate other functions as essential at any time.

 Kubota is an equal opportunity at will employer and does not discriminate against any employee or applicant for employment because of age, race, religion, color, disability, sex, sexual orientation or national origin.