We are at the forefront of change in this rapidly evolving lending market. mello™, the Greek word for “future,” was the product of a recent $80+ million dollar investment in research & development to transform & streamline the home buying process into a digital experience like no other competitor offers. But mello™ is just the beginning… loanDepot will continue to invest in developing our own advanced technology ecosystem built around serving our customers & enabling our valued employees to provide exceptional service. We have funding, we have opportunities, you have ideas—it’s a perfect match.
loanDepot — We are America’s Lender.
loanDepot, LLC is in search for a Vice President, Privacy and Records Management to establish our information governance, privacy and records management functions. Accountable for leading innovation, guiding strategy and designing a defensible environment to protect PII in accordance with appropriate international frameworks.
This position is responsible for establishing and driving privacy and records management programs, strategy, governance, and initiatives across the enterprise with an emphasis on framework compliance consistent with information security strategies and applicable laws and company policies. The position ensures that safeguards are in place to facilitate the appropriate use and disposition of customer data, employee data, and other sensitive business information.
Regularly consult with key stakeholders on various related initiatives developing strategies to minimize risk exposure and improve safeguards protecting information assets. Excellence is an expectation, and strong communications, leadership, teamwork, and agility are critical success factors.
- The position is responsible for implementing and maintaining proper preventive, detective and remedial controls, the execution of relevant policies and procedures, training and educating enterprise staff members, implementing an effective communications program, ensuring effective testing, auditing, monitoring, tracking and reporting, remediating control deficiencies, and data breach management & response.
- This role encompasses all related subject matter areas, including, for example, data protection, marketing privacy, privacy breach incident response, Business Associate contracting and oversight, online privacy, as well as customer, employee, broker, and provider privacy. Partner closely with IT, Legal and Compliance teams while partnering with key operational stakeholders including various business teams, IT Security, Enterprise Risk and Internal Audit.
- Lead and coordinate privacy/data breach response activities, liaise with internal and external resources, and address privacy inquiries from customers and business partners. Collaborate with other Compliance teams and to support the SVP, CISO with various initiatives including preparation of Audit Committee reports.
- Develop and oversee the overall strategy of a comprehensive records management program, including leadership and development of staff members, and to partner with stakeholders to operationalize and embed information governance, privacy & records management into all areas of the business.
- Direct and assist in the identification and maintenance of all records throughout the record lifecycle, from conception to disposition, across the enterprise. Provide development, framework, and daily guidance in connection with the review and implementation of customer, business and other records management related solutions across the enterprise, ensuring that adequate coverage exists and safeguards are in place to comply with new and existing retention laws, regulations, and corporate policies.
- Provide consultation and direction for all privacy program activities. Manage the development and revision of policy and procedure governance documents. Provide subject matter expertise from a privacy compliance perspective to projects being developed or maintained internally/externally. Set direction on third-party and internal data sharing agreements. Review and, if necessary, update customer and consumer privacy notices.
- Manage an effective system for communication to promote a culture of information security, privacy and records management awareness, including regulatory changes, developments impacting business processes, and analysis of process changes. Develop and update awareness and communication materials and monitor ongoing completion throughout the organization (in person, online, lunch and learns, ad hoc sessions. Establish training, scripts, form letters and other support materials and tools.
- Serve as principle advisor and oversee reporting of privacy and records management matters to the Senior Vice President, Chief Information Security Officer and executive leadership.
- Monitor handling of requests and inquiries concerning privacy and records management. Develop metrics and provide regular updates to management.
- Privacy or records management experience with at least 8 or more years directly managing records management, privacy, security, or compliance capabilities.
- Understanding of records management and data protection laws and regulations, fair information practices and core privacy and data protection principles.
- Strong political acumen to partner and collaborate with, and influence, all relevant stakeholders, both internal and external, including executive management. Strong communication and relationship-, coalition- and consensus-building skills required.
- Proven ability to multi-task, thrive and deliver in a highly regulated, demanding, entrepreneurial, and constantly changing corporate environment. Demonstrated ability to regularly re-prioritize risks, objectives and action plans based on an evolving corporate and regulatory landscape. Ability to deal well with ambiguity and complex situations. Ability to lead a team through growth and change.
- Ability to set a clear vision for the program and to successfully execute on the vision.
- Experience in building programs, process improvements and/or re-engineering.
- Strong independent judgment, critical and analytical thinking, and problem-solving skills required.
- Strong moral compass and high integrity required. Must do the right thing, even when it means doing the difficult thing.
- U.S. Certified Information Privacy Professional (CIPP/US)
- Certified Information Privacy Manager (CIPM)
- Certified Information Privacy Technologist (CIPT)
- Certified Records Manager (CRM)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- BA or BS in information security, business administration, or related area.
- Master’s degree in an IT field is a plus
- Master’s in cybersecurity is an even bigger plus
- Competitive compensation reliant on ability & experience
- Excellent benefits package including multiple health, dental & vision options
- Company paid life and AD&D Insurance, as well as additional voluntary benefit possibilities
- 401K with robust company match
- 15+ PTO days, in addition to 8 paid company holidays
- The opportunity to work for America’s Lender under the vision of industry legend, Anthony Hsieh
loanDepot is a proud equal opportunity employer.