Velera is the nation’s premier payments credit union service organization (CUSO) and an integrated fintech solutions provider. The company serves more than 4,000 financial institutions throughout North America, operating with velocity to help our clients keep pace with the rapid momentum of change and fuel growth in the new era of financial services. Our purpose: We accelerate partners’ success through innovative financial technology solutions and inspired service.
The Opportunity
The Privacy Program Manager will be responsible for establishing and maintaining all aspects of an enterprise-wide privacy program framework at the department, business, and functional area levels. The individual will work as part of the regulatory compliance and privacy team and be responsible for establishing and maintaining enterprise-wide related privacy policies/procedures, privacy impact assessments/risk assessments, metrics, enterprise-wide privacy training, and ensuring compliance with applicable privacy requirements. The individual must have good knowledge of privacy/data protection laws and the ability to interpret privacy legislation, laws/regulations, and advise the VELERA business and functional areas on how to bring the company into compliance with complex privacy-related legal, regulatory, and/or policy requirements. They work with leadership, including senior management, and are accountable for identifying key collaborators and advising on privacy-related legal/compliance requirements. This individual is part of the second line of defense on the privacy and/or regulatory compliance team and participates in council meetings. The successful individual will have credibility and be able to influence privacy matters. They have strong written and verbal communication skills to communicate with all leadership levels within the organization, as well as the ability to establish collaborative relationships within the company.
Day in the Life
Develops, improves, and promotes the privacy framework, in conjunction with the vision of direct leadership, and directs and coordinates the privacy program, including associated risk to the organization.
Provides thought leadership, advice, and recommendations to managers and leadership.
Provides strategic guidance and supports the business, functional, and compliance teams to assess, develop, and implement enhanced privacy controls and processes to support program implementation, oversight, and monitoring.
Provides input to design and maintains ongoing privacy training to enhance enterprise-wide privacy risk management knowledge and culture.
Develops insight and maintains transparency around privacy risk for managers, leadership, committees, and senior management on the performance of privacy program/activities within the organization.
Acts as a primary point of contact within the organization for members of staff and regulators on issues related to privacy.
Promotes a culture of privacy compliance across the organization through Policy, Process, and/or Procedures; provides guidance to resolve privacy issues brought up from business and functional areas representatives.
Maintains, writes, and updates policies to ensure continued alignment with privacy laws and regulations in the jurisdictions in which VELERA transacts or operates, as applicable. Examples may include, but are not limited to, privacy-related laws in U.S. states or territories, the General Data Protection Regulation (GDPR), Canada PIPEDA, Bermuda PIPA, and the California Consumer Protection Act.
Monitor changes to privacy laws and regulations, and make recommendations to the business and functional areas, as appropriate. Maintain an awareness of industry best practices in order to ensure an effective and dynamic privacy framework.
Monitor operational privacy practices to assess adherence to corporate policy requirements and provide assurance that relevant privacy processes are effectively embedded into the business.
Perform Privacy Impact Assessments (‘PIAs’) to ensure that all relevant privacy changes are captured and assessed in a timely fashion.
Manage the Data Subject Access Request (DSAR) process, including reviewing, validating, and responding to requests and maintaining a repository of requests and responses.
Provide regulatory input to data incident management as needed, working closely with Legal, Investigations & Corporate Fraud, IT, and InfoSec teams to ensure appropriate and timely resolution.
Review vendor contracts in partnership with the firm’s Legal, Vendor Risk Management, Procurement, Compliance, and Information Security functions, to ensure inclusion of appropriate privacy-related contractual clauses.
Participate in the relevant compliance and/or data governance councils and/or committees, and provide input to leadership and/or other group councils, as required.
Report on data privacy matters to leadership and key collaborators, appropriately escalating any privacy risks as required.
Exhibit indirect leadership and influence to ensure that people, resources, and processes are aligned with VELERA’s privacy framework and deliver the required standards of performance.
Perform other duties as assigned.
Qualifications:
Bachelor’s degree in Business Administration, Finance, Accounting, or related disciplines required; preferably in legal, regulatory, or financial services compliance.
Certified Information Privacy Professional (CIPP) or other Data Protection certification desired
Seven (7) years of related work experience in the 2nd or 3rd line of defense, preferably in the 2nd line working in a financial services environment in functional areas such as compliance, risk management, information security, or audit required.
Seven (7) years of experience working in privacy, including expertise with privacy framework design/implementation, managing and advising on complex projects, and preparing deliverables for all levels of leadership of the organization required.
About Velera
At Velera we are committed to fostering a workplace where every employee feels valued, respected, and connected. We understand, attract and engage a diverse workforce where every employee can live up to their full potential; ensuring that our employee base reflects the consumers we serve. The result of this effort is an inclusive environment where diverse talent thrives. We strive to foster a safe and inclusive work environment for people to bring their authentic selves in order to build a better community within our company and with our partners. Learn more about our commitment to Diversity, Equity, and Inclusion HERE!
Pay Equity
$95,800.00 - $124,500.00Actual Pay will be adjusted based on experience and other job-related factors permitted by law.
Great Work/Life Benefits!
Competitive wages
Medical with telemedicine
Dental and Vision
Basic and Optional Life Insurance
Paid Time Off (PTO)
Maternity, Parental, Family Care
Community Volunteer Time Off
12 Paid Holidays
Company Paid Disability Insurance
401k (with employer match)
Health Savings Accounts (HSA) with company provided contributions
Flexible Spending Accounts (FSA)
Supplemental Insurance
Mental Health and Well-being: Employee Assistance Program (EAP)
Tuition Reimbursement
Wellness program
Benefits are subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions
Velera is an Equal Opportunity Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law.
Velera is an Equal Opportunity Employer that complies with the laws and regulations set forth in the following "EEO is the Law" Poster. Velera will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the legal duty to furnish information.
Velera is an E-Verify Employer. Review the E-Verify Poster here. For information regarding your Right To Work, please click here.
This role is currently not eligible for sponsorship.
As an ongoing commitment to reasonably accommodate individuals with disabilities please contact a recruiter at [email protected] for assistance.
Top Skills
What We Do
Velera, formerly PSCU/Co-op Solutions, is the nation’s premier payments credit union service organization (CUSO) and an integrated financial technology solutions provider. With over four decades of industry experience and a commitment to service excellence and innovation, our company serves more than 4,000 financial institutions throughout North America, operating with velocity to help our clients keep pace with the rapid momentum of change and fuel growth in the new era of financial services. Velera leverages its expertise and resources on behalf of credit unions and their members, offering an end-to-end product portfolio.
