We are at the forefront of change in this rapidly evolving lending market. mello™, the Greek word for “future,” was the product of a recent $80+ million dollar investment in research & development to transform & streamline the home buying process into a digital experience like no other competitor offers. But mello™ is just the beginning… loanDepot will continue to invest in developing our own advanced technology ecosystem built around serving our customers & enabling our valued employees to provide exceptional service. We have funding, we have opportunities, you have ideas—it’s a perfect match.
loanDepot — We are America’s Lender.
loanDepot, LLC is in search of a Director, Privacy to work under the leadership of the VP, Privacy & Records Management and manage the daily operations for our privacy program within IT Security. This includes the daily management of staff, providing strategic direction of the team and ensuring tactical operational management to ensure that all goals align with business priorities.
This position is responsible for implementing and maintaining appropriate preventive, detective and remedial controls, the execution of relevant policies and procedures, training and educating enterprise staff members, implementing an effective communications program, ensuring effective testing, auditing, monitoring, tracking and reporting, remediating control deficiencies, and data breach management & response.
Regularly consult with key stakeholders on various related initiatives developing strategies to minimize risk exposure and improve safeguards protecting information assets. Excellence is an expectation, and strong communications, leadership, teamwork, and agility are critical success factors.
- Support the VP, Privacy & Records Management with duties and obligations pertaining to privacy compliance for the enterprise. These include but are not limited to privacy risk assessments, business process assessments, privacy incident management, privacy awareness and training, privacy due diligence reviews for vendors handling personal information.
- Ensure adherence to appropriate frameworks, regulatory requirements and company policies.
- Collaborate with various members in the Enterprise Risk Management, Legal, Compliance and Information Technology departments to identify and control privacy risks; follow key trends and latest laws and regulations.
- Maintain an inventory that identifies all systems, business processes, shared drives and other repositories where sensitive personal information is used, stored or accessed.
- Maintain an inventory of third parties handling personal information on behalf of loanDepot. Support privacy due diligence reviews for corporate vendors (new and existing) handling personal information.
- Manage the annual privacy risk assessment process; conduct privacy impact assessments, as required; and conduct other privacy assessments as needed (e.g., GLBA, HIPAA, NIST privacy assessments), to ensure that appropriate controls are in place to mitigate privacy risks.
- Identify, investigate and remediate privacy incidents (including privacy breaches) in a timely manner consistent with legal requirements.
- Report on privacy incidents, operational risk events relating to privacy and key risk indicators occurring across the company. Identify and follow up on privacy issues and action plans with an eye to closing incidents and issues in a timely manner.
- Utilize educational tools including training and awareness sessions to reinforce strong privacy protection practices creating a culture of awareness across the company.
- Be an active member of the privacy community within loanDepot.
- Participate in continued privacy education and be an advisor to management around privacy related matters.
- One or more of the various privacy disciplines (e.g., policy, compliance, information security, operational risk management)
- Comprehensive Understanding of U.S. privacy and data protection laws and regulations, fair information practices and core privacy and data protection principles, direct marketing techniques, workplace monitoring, financial privacy requirements, online privacy, and information security.
- Good project management skills with the ability to manage multiple work streams
- Strong relationship building skills and the ability to influence and communicate privacy-related concepts to a broad range of technical and non-technical staff
- Background in the Insurance or Financial Services industries preferred
- Tactical thinking skills, creative problem solving, analytical skills, verbal and written communication skills, including meeting facilitation and presentation skills.
- Strong political acumen to partner and collaborate with, and influence, all relevant stakeholders, both internal and external, including executive management. Strong communication and relationship-, coalition- and consensus-building skills required.
- Proven ability to multi-task, thrive and deliver in a highly regulated, demanding, entrepreneurial, and constantly changing corporate environment. Demonstrated ability to regularly re-prioritize risks, objectives and action plans based on an evolving corporate and regulatory landscape. Ability to deal well with ambiguity and complex situations. Ability to lead a team through growth and change.
- Experience in building programs, process improvements and/or re-engineering.
- Strong independent judgment, critical and analytical thinking, and problem-solving skills required.
- U.S. Certified Information Privacy Professional (CIPP/US)
- Certified Information Privacy Manager (CIPM)
- Certified Information Privacy Technologist (CIPT)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- BA or BS in information security, business administration, or related area.
- Master’s degree in an IT field is a plus
- Master’s in cybersecurity is an even bigger plus
- Competitive compensation reliant on ability & experience
- Excellent benefits package including multiple health, dental & vision options
- Company paid life and AD&D Insurance, as well as additional voluntary benefit possibilities
- 401K with robust company match
- 15+ PTO days, in addition to 8 paid company holidays
- The opportunity to work for America’s Lender under the vision of industry legend, Anthony Hsieh
loanDepot is a proud equal opportunity employer.