Are you interested in navigating complex global data protection challenges? Do you like cloud computing, software-as-a-service, and have an interest in giving individuals control over how their personal data is used? If so, join us as a Privacy Program Manager and help build our privacy program in a post-GDPR world!
- Work cross-functionally with stakeholders across the company worldwide to drive continuous improvements.
- Partner with Box's Product and Engineering teams to evaluate new products, features, and processes.
- Be a privacy expert to internal teams and guide them in designing privacy-respecting policies, processes, and solutions.
- Present to customers and internal teams alike about privacy and data protection and privacy by design/default.
- Work closely with teams such as Legal, Security, and Compliance in order to help manage the operations of the privacy program.
Why Box Needs You
We have a world-class compliance and privacy team focused on maintaining an industry-leading approach to data protection. We want to build scalable processes and programs to ensure they are customer-centric and fit a rapidly growing company worldwide. If you're passionate about data protection, cloud computing, and technology, then we'd love you to meet you.
Why You Need Box
Box is a lot more than just file storage, syncing and sharing. Every business in the world is looking to modernize the way that they work. Box offers companies a way to be more productive both inside and outside their organization while ensuring that their most sensitive content is secure. Box thrives on finding solutions to help organizations change the way they work and a key part of those solutions are our world-class compliance and privacy programs.
Who We Are
We're not the "check the box" type of compliance and privacy team that people steer away from. Ok, maybe sometimes we need to be, but we are different! We constantly engage with our customers through discussions, presentations, and on-site visits to understand their compliance and privacy needs. We are incredibly cross-functional (Security, Ops, Engineering, Product, Sales, Marketing, Legal, Customer Success, etc) to ensure that we are doing the right things as a business and for our customers. We are a tight-knit team who loves to roll up our sleeves to get stuff done, make customers happy, and have fun while we are at it.
Who You Are
You have a strong understanding of technology, privacy, and IT controls. You've spent time at a Big 4 or consulting firm performing audits and assessing control risk or have been on the other side of audits and understand what external auditors look and ask for. You understand legal frameworks, how systems work, and want to build great programs for scale. You have an ability to communicate complex topics and requirements and distill them into straightforward requirements that everyone can understand. You thrive working in a fast-paced environment and seeing projects through to completion. You are equally comfortable working with other members of the team, as well as independently on projects.
Experience That Would Be Nice To Have
- 2+ years of consulting on technology, privacy, and control risk
- Familiarity with security and privacy standards such as SOC, ISO 27001, ISO 27018, HIPAA, etc.
- Experience with regional or country-specific privacy requirements throughout Europe or Asia
- Working knowledge of data protection - you can converse about the EU-US/Swiss-US Privacy Shield, the differences between controllers and processors, and understand the GDPR
- Experience negotiating data protection agreements with customers and vendors
- CISA, CISSP, CIPP, CIPM, CIPT or other related certifications
- Ability to speak another language is a plus!