Job Description

To review and analyze Navy Federal's risk exposure related to data privacy and data usage. Support management in providing frameworks and recommendations for the ethical and responsible use of data and models across the enterprise. Understand regulatory data usage and privacy requirements and support the alignment of Navy Federal's business and data activities for those requirements. Operates independently with little guidance on day-to-day activities.

Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks.

Our approach to careers is simple yet powerful: Make our mission your passion.

• Best Companies for Latinos to Work for 2024
• Computerworld® Best Places to Work in IT
• Forbes® 2025 America’s Best Large Employers
• Forbes® 2024 America's Best Employers for New Grads
• Forbes® 2024 America's Best Employers for Tech Workers
• Fortune Best Workplaces for Millennials™ 2024   
• Fortune Best Workplaces for Women ™ 2024
• Fortune 100 Best Companies to Work For® 2024
• Military Times 2024 Best for Vets Employers
• Newsweek Most Loved Workplaces
• 2024 PEOPLE® Companies That Care
• RippleMatch Recruiting Choice Award
• Yello and WayUp Top 100 Internship Programs

From Fortune. ©2024 Fortune Media IP Limited. All rights reserved. Used under license. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union.

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected Veteran.

Hybrid Workplace: Navy Federal Credit Union is a hybrid workplace, and details will be discussed during your interview process.

Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team’s discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.

Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.

• Bachelor's degree in Business Administration, Information Management, Legal Studies, or related field, or the equivalent combination of education, training, and experience
• 1 to 3 years of related work experience in privacy and risk analysis
• Working knowledge of internal and external data flows and their impact to privacy
• Working knowledge and understanding of federal and state laws and regulations governing data privacy and protection
• Effective communication and analytical skills that demonstrate the ability to distill complex challenges into actionable solutions
• Effective skill communicating thoughts, concepts, practices effectively at all levels, adjusting as needed to a target audience    
• Self-motivated and proactive, able to learn quickly and apply new concepts, tools, and applications               
• Advanced organizational, planning, and time management skills                        

Desired Qualification(s)

• Professional certification in Data Privacy, such as CIPP/CIPM preferred
• Proficiency in US federal and state privacy law and regulations applicable to financial institutions
• Working knowledge of Navy Federal functions, philosophy, operations, and organizational objectives preferred 
• Experience with OneTrust Privacy Automation & Data Discovery
• J.D. or Master's degree in Business Administration, Information Management, Legal Studies, or related field, or the equivalent combination of education, training, and experience

Hours: Monday - Friday, 8:00AM - 4:30PM

Locations: 820 Follin Lane, Vienna, VA 22180 | 141 Security Drive, Winchester, VA 22602 | 5510 Heritage Oaks Drive, Pensacola, FL 32526

• Acts as the product owner of the privacy rights automation / data subject access requests (DSAR) process. Responsible for fulfillment of all consumer individual rights request, metrics & reporting, and end-to-end privacy rights automation.
• Support efforts to educate, train, and build awareness of evolving data privacy and data risk landscape with business lines to secure support in operationalizing compliance, foster privacy by design principles into the product lifecycle, and recommend frameworks to drive the ethical and responsible use of data and models across Navy Federal
• Support working partnerships with stakeholders such as Office of General Counsel, Compliance, Procurement and Vendor Management, Information Security, Enterprise Risk, Information Services, and Internal Audit to drive cross functional privacy risk mitigation
• Support management in identifying relevance and impact of regulatory developments, enforcement trends, and industry specific initiatives related to data privacy and risk
• Support 2nd line of defense in conducting Privacy Impact Assessments of Navy Federal systems and new and innovative processes, tools, and technologies
• In collaboration with Enterprise Risk and Compliance, assist in the development of controls to manage privacy risk, and act as advisor to business areas in implementing the controls
• In partnership with Procurement and Third-Party Risk Management, and the Office of General Counsel, track contracts involving data transfers between Navy Federal and external parties, and identify risks associated with contracts
• Support management in interfacing with Internal Audit and external examiners in representing the Privacy Program, and assist in preparation of appropriate materials in response to examiner inquiries; support management in mitigating risks identified during privacy and data risk audits and exams
• Assist in benchmarking activities and the maintenance of policies, standards, and procedures related to privacy consistent with financial services laws, regulations, and best practices
• Continually improve knowledge of data privacy and data risk; complete continuing education to improve expertise in current and evolving privacy matters and maintain certifications
• Perform other duties as assigned