University Privacy Associate Director

APPLY

Cornell University embraces diversity and seeks candidates who will contribute to a climate that supports students, faculty and staff of all identities and backgrounds. We strongly encourage individuals from underrepresented and/or marginalized identities to apply.

This position is located on the Cornell University Campus in Ithaca, New York. You will be expected to work on the Ithaca campus, although you may be permitted to perform a portion of your work remotely.

No Visa sponsorship available for this position.

Who we are:

Located in Ithaca, N.Y., Cornell University is a bold, innovative, inclusive, and dynamic teaching and research university where staff, faculty, and students alike are challenged to make an enduring contribution to the betterment of humanity. Cornell University is one of the largest and most diverse institutions in the Ivy League. We are a community of 22,000 students and more than 10,000 faculty and staff members representing more than 80 countries and hundreds of disciplines—global cultures, backgrounds, experiences, perspectives, and ideas.

Our office provides services in compliance, privacy, policy, and risk reduction for the Cornell Community, which allows the University to carry out its academic mission with integrity and in accordance with the University’s legal, regulatory, and ethical responsibilities. To learn more about our services, check out our website here: https://complianceandrisk.cornell.edu/.

What you will do: The Associate Director for University Privacy, with general oversight from the University Chief Compliance and Privacy Officer (UCCPO), is primarily responsible to assist the University Compliance and Privacy Office in the development, leadership, and implementation of a high quality and compliant institutional privacy program at the University. They will establish, implement, and ensure privacy initiatives and deliverables are executed that comprehensively foster a university privacy culture.

Overall responsibilities will prioritize establishing university processes regarding the collection, retention and sharing of information about people, third party contracts, regulatory obligations, incident response and other emerging needs, as necessary. The Associate Director will be responsible as the Data Privacy Protection Officer for General Data Protection Regulation. This includes overseeing risk assessments through privacy partner network and ensuring a functional and planned University Privacy Committee. This position will direct, mentor and coach privacy stakeholder assessments of privacy processes, practices, and facilitation of improvements at the institutional and distributed levels with university stakeholders and stewards.

Who you are:
You are a dedicated, responsive professional that strives to provide a high level of service to the campus internal and external stakeholders. You will also have a high level of knowledge of relevant legal and regulatory requirements, standards, principles, and practices relating to privacy that govern institutions of higher education, such as FERPA, HIPAA, GLBA, and GDPR; and familiarity with decentralized R01 universities. You will have experience conducting risk assessments, risk impacts, and ensuring the monitoring of action items to completion. Ability to form and direct committees and working teams to execute policy, process, programs, and procedures. Must have experience directing and conducting operational activities and be familiar with working in a start-up office. Be able to achieve risk reduction by working with stakeholders to implement and foster effective, efficient, and compliant privacy programs and processes.

You will also have:

• A bachelor's degree in combination with relevant 7+ years of experience or any combination of education and experience equivalent to an advanced degree (such as a master’s degree or law degree) in a relevant field.
• An understanding of privacy frameworks and their applicability to the higher education industry.
• Familiarity and experience with risk rating and modeling. Experience conducting risk-based compliance assessments and root cause analysis.
• Demonstrated critical thinking skills and analysis to solve problems and possess analytical skills with the ability to identify and assess complex privacy issues and identify and facilitate improvements to processes and practices. Understand data management uses, the complexity of data sets, and conceptualize how data flows at a university.
• The ability to identify and assess privacy risks and navigate a decentralized environment.
• Leadership presence and credibility: The ability to hold the room with university stakeholders and have a willingness to engage on difficult issues and work with others with transparency and fairness.
• Demonstrated ability to effectively influence without authority.
• The ability and desire to act quickly to resolve issues and develop solutions.
• Effective communication skills with internal stakeholders, team members, peers, and leadership. Written and verbal communication skills and excellent interpersonal skills, specifically including experience responding to and communicating with stakeholders during urgent situations and the ability to create after action plans and follow up.
• Ability to work independently and with limited resources and manage multiple projects with cross-functional team members.
• Experience working directly with internal or external auditors. Experience working directly with government officials. Collaborating with committee structures and forming committees.
• Experience drafting and implementing written policies, programs, and procedures to guide university and unit privacy compliance initiatives.
• Excellent analytical and organizational skills. Project, task, and time management skills.
• Dedication to providing high service levels to internal and external campus stakeholders along with a demonstrated continued improvement mindset.
• Understanding and expertise with the role technology plays in compliance activities. Demonstrated use of Microsoft Suite products, at a minimum, Word, Excel, and Power Point. Experience with management systems and business analysis activities.
• Ability to respond and communicate with stakeholders during urgent situations and to create after action plans and follow up.
• Knowledge of the legislative process and the regulatory environment that influence higher education and R01 institutions. Ability to interpret and explain complex privacy regulations and translate legal and regulatory requirements into clear and effective communications, policies, processes, and practices.
• Willingness to engage on difficult issues and work with others with transparency and fairness.

Other qualifications (not required but preferred) are:

• Previous privacy position in higher education R01,
• Privacy certification(s),
• Background in international third-party contracts (e.g., EU, England, and China) regarding data,
• Working in a large higher education institution,
• Regulatory Reporting,
• Project management experience,
• Experience working with general counsel, researchers, compliance office, audit, and IT security professionals.

What we offer:

Great benefits that include educational benefits, access to a plethora of wellness programs, employee discounts, health care, paid vacation, health/personal time, 12 university paid holidays (including end of year winter break through New Year’s Day) and employer retirement contributions.

Cornell is situated in picturesque Ithaca, New York, the heart of the Finger Lakes. Ithaca is home to two academic institutions, state parks, waterfalls, gorges, and a wide range of art galleries, theaters, eateries, wineries, and breweries. Ithaca is an active and diverse community to work and thrive in and has something to suit all ages and interests!

Familiarize yourself with Cornell's COVID-19 workplace guidance as well as the university's COVID-19 services and information.

University Job Title:

Job Family:

Level:

Pay Rate Type:

Pay Range:

Remote Option Availability:

Company:

Contact Name:

Job Titles and Pay Ranges:

Non-Union Positions

Noted pay ranges reflect the potential pay opportunity for each job profile. The hiring rate of pay for the successful candidate will be determined considering the following criteria:

• Prior relevant work or industry experience

• Education level to the extent education is relevant to the position

• Unique applicable skills

• Academic Discipline (faculty pay ranges reflects 9-month annual salary)

To learn more about Cornell’s non-union staff job titles and pay ranges, see Career Navigator.

Union Positions

The hiring rate of pay for the successful candidate will be determined in accordance with the rates in the respective collective bargaining agreement. To learn more about Cornell’s union wages, see Union Pay Rates.

Current Employees:

If you currently work at Cornell University, please exit this website and log in to Workday using your Net ID and password. Select the Career icon on your Home dashboard to view jobs at Cornell.

Online Submission Guidelines:

Most positions at Cornell will require you to apply online and submit both a resume/CV and cover letter. You can upload documents either by “dragging and dropping” them into the dropbox or by using the “upload” icon on the application page. For more detailed instructions on how to apply to a job at Cornell, visit How We Hire on the HR website.

Employment Assistance:

For general questions about the position or the application process, please contact the Recruiter listed in the job posting or email mycareer@cornell.edu.

If you require an accommodation for a disability in order to complete an employment application or to participate in the recruiting process, you are encouraged to contact Cornell University's Office of Institutional Equity and Title IX at voice (607) 255-2242, or email at equity@cornell.edu.

Applicants that do not have internet access are encouraged to visit your local library, or local Department of Labor. You may also visit the office of Workforce Recruitment and Retention Monday - Friday between the hours of 8:30 a.m. – 4:30 p.m. to use a dedicated workstation to complete an online application.

Notice to Applicants:

Please read the required Notice to Applicants statement by clicking here. This notice contains important information about applying for a position at Cornell as well as some of your rights and responsibilities as an applicant.

EEO Statement:

Diversity and Inclusion are a part of Cornell University’s heritage. We are a recognized employer and educator valuing AA/EEO, Protected Veterans and Individuals with Disabilities. We also recognize a lawful preference in employment practices for Native Americans living on or near Indian reservations. Cornell University is an innovative Ivy League university and a great place to work. Our inclusive community of scholars, students, and staff impart an uncommon sense of larger purpose, and contribute creative ideas to further the university's mission of teaching, discovery, and engagement.