1. SCOPE OF WORK
Reporting to the IFC CIT privacy program manager, the primary responsibilities of the selected candidate will include, but not be limited to, the following:
Primary Responsibilities:
A. Architect and Design:
a. Architect and design comprehensive privacy solutions leveraging OneTrust technologies, including integrations and supporting infrastructure and services.
b. Create detailed architectural documentation and diagrams to ensure the product design is clear and adheres to enterprise standards.
c. Develop and maintain reference architecture diagrams, and developer and user handbooks.
B. OneTrust Implementation and Management:
a. Implement and manage OneTrust Cookie Compliance, Incident Response, and Identity Proofing.
b. Perform Privacy by Design Assessments and develop roadmaps and technical plans for Privacy by Design Controls implementation, including Application Technical Controls, Information Management Controls, and Infrastructure Controls.
c. Build and manage OneTrust inventories for both personal data and controls.
d. Oversee OneTrust Privacy Notice Management, Data Privacy Scanning (Data Discovery), and Privacy Inventory Reporting.
e. Automate Personal Data Inventory and develop privacy processes, reporting, and dashboards using OneTrust.
f. Conduct Privacy Assessments using OneTrust. Ensure compliance with Privacy Threshold Assessment (PTA) requirements using OneTrust.
g. Manage Vendor Risk using OneTrust Vendor Risk Management module.
h. Implement Data Retention Management and Consent Management using OneTrust.
C. Technology Solutions:
a. Plan, coordinate, and execute technology solutions, including infrastructure, servers, interfaces, cloud, and network activities related to data privacy.
D. Cloud and DevOps Integration:
a. Leverage Azure cloud platforms and implement DevOps practices (CI/CD, containerization, infrastructure as code) to enhance deployment and operations.
b. Utilize Azure technologies such as Azure Data Factory (ADF), Data Bricks, and other relevant Microsoft technologies to support privacy initiatives.
E. API Integration and Development:
a. Design, develop, and integrate APIs to support privacy solutions.
b. Ensure secure and efficient API integration with OneTrust and other relevant systems.
c. Utilize API management tools such as Azure API Management for effective API lifecycle management.
F. Production Support:
a. Manage and maintain privacy documentation and artifacts in Azure DevOps and MS Teams.
b. Provide production support, monitoring, and maintenance to privacy services.
c. Monitor, triage, resolve, and close privacy issues, and update ServiceNow tickets.
d. Lead weekly health checks of privacy services in all environments, prioritizing production.
e. Provide application teams with architecture and infrastructure direction and guidance on technology platforms, including OneTrust usage and integrations.
f. Troubleshoot and resolve technology and infrastructure issues in a timely manner.
G. Cross-Functional Collaboration:
a. Work effectively with cross-functional teams, including developers, QA, project managers, and stakeholders, to ensure cohesive implementation and integration of privacy solutions.
b. Facilitate communication and collaboration between different teams to align on privacy requirements, technical solutions, and project timelines.
c. Provide technical guidance and support to various teams to ensure successful deployment and maintenance of privacy technologies.
H. Agile Methodologies:
a. Utilize Agile/Scrum methodologies to facilitate iterative development, continuous feedback, and rapid delivery of project assignments.