Chief Privacy Officer, Office of the General Counsel – 19804 Civil Service Title: Executive Agency Counsel Level: G6 Division/Office: Office of the General Counsel Borough: Manhattan Posting End Date: 04/30/2023 Description: Position Summary: Reporting to the General Counsel/Executive Deputy Counsel, the Chief Privacy Officer leads and oversees the development and implementation of Department of Education (DOE) policies and procedures related to the collection, dissemination, and protection of personal information of students and staff to support compliance with applicable federal and state laws, including but not limited to the Family Educational Rights and Privacy Act (FERPA) and New York Education Law § 2-d, and privacy best practices across the organization. Performs related work. Reports to: General Counsel/Executive Deputy Counsel Direct Reports: Privacy Office staff Key Relationships: Chancellor’s Office; Chief Information Officer and Division of Instructional and Information Technology; Office of Chief Operations Officer including Division of Contracts and Purchasing; Office of Performance and Evaluation within the Division of Teaching and Learning, including its Research Policy and Support Group; Press Office; NYC Law Department; NYC Office of Technology & Innovation and the Chief Privacy Officer for the City of New York. Responsibilities: · Leads and oversees Privacy Office staff in their core functions, including Vendor and Internal Program Management and Support; Investigations and Compliance; and Policy and Legal Counsel. · Leads the development and implementation of privacy policies, procedures, practices, and guidance for the DOE, including administering a robust privacy, cybersecurity and data governance program and promoting a “privacy by design” approach. · Advises key internal stakeholders on privacy, cybersecurity, record retention, and data security, management, and governance issues, including risk mitigation initiatives and decisions concerning the disclosure of personally identifiable records and data. · Provides legal support to internal stakeholders on the handling of data privacy and security incidents, breaches, complaints, and related investigations and coordinates with the NYC Chief Privacy Officer and other government officials as appropriate. · Negotiates, drafts, and reviews agreements (including but not limited to non-disclosure and data use agreements and memoranda of understanding) between the DOE and other governmental agencies concerning the sharing of personally identifiable records and data; reviews and drafts privacy and data security provisions in vendor contracts in consultation with the Commercial Unit of the DOE’s Office of the General Counsel; advises on processes and procedures for ensuring third party data privacy and security compliance. · Collaborates with senior DOE leadership and other DOE stakeholders to support compliance with applicable local, state, and federal laws concerning privacy and data security, including FERPA and Education Law § 2-d. · Represents the DOE in meetings on privacy and data security-related matters with other government agencies and when appropriate, other parties. Consults with other governmental entities on developments in privacy and cybersecurity and information security law and regulatory guidance. Collaborates with other city agencies on the development of citywide privacy and data security practices as appropriate, including the NYC Office of Information Privacy and NYC Cyber Command. · Liaises with the NYC Law Department on information requests and responses in litigation and regulatory actions relating to cybersecurity and privacy. · In collaboration with the DOE’s Office of Intergovernmental Affairs, monitors and reviews federal, state, and local legislative developments with respect to privacy and data security, and when appropriate, advises on changes to new or current legislation. Incorporates regulatory and legal requirements into DOE’s privacy practices. · Works with DOE leadership to ensure that proper consent and authorization forms are being utilized in connection with student records. · Establishes and administers a training program on privacy- and data-security-related issues. Manages formal staff development on matters related to privacy and data security. Drafts privacy and data security-related communications in collaboration with senior leadership and other internal stakeholders. · Conducts trainings on privacy laws for other attorneys within the DOE’s Office of the General Counsel. Qualification Requirements Minimum Admission to the New York State Bar; and four years of recent full-time satisfactory, relevant legal experience subsequent to admission to any bar, eighteen months of which must have been in the supervision of other attorneys, in an administrative, managerial or executive capacity, or performing highly complex and significant legal work. NOTE: Selected candidates must remain members of the New York State Bar in good standing for the duration of their employment. Preferred · Five or more years of experience and increasing responsibility, including supervisory experience, in privacy-related issues, ideally including material experience with education-related privacy laws and regulations. · At least three years’ experience and/or a proven track record of effective team/project management. · Deep knowledge of privacy, data protection, and cybersecurity laws, particularly those affecting DOE. · Familiarity with standards, guidelines, and best practices to manage privacy and cybersecurity risk, such as the NIST Privacy Framework and NIST Cybersecurity Framework. · Ability to rapidly understand provisions of applicable law and regulations. · Ability to write clearly and concisely. · Excellent interpersonal and communication skills, including the ability to present to business, legal, and technology stakeholders. · Demonstrated success at coordination of complex matters across different teams and building cross-functional partnerships and driving change through collaboration. · Excellent organizational and time management skills; ability to rapidly respond to time-sensitive issues. · Transactional and compliance experience, including excellent negotiation skills. · Industry-recognized privacy certification; e.g., CIPP-US. Salary: $129,014 - $170,000 (Internal candidates who are selected for this position and who currently hold comparable or less senior positions within the DOE will not earn less than their current salary.) For more details and to apply, visit https://nychb.teacherssupportnetwork.com/guest/ShowVacancyDetails.do?vac... Please include a resume and cover letter with your application. NOTE: The filling of all positions is subject to budget availability and/or grant funding. AN EQUAL OPPORTUNITY EMPLOYER NEW REQUIREMENT As of August 2, 2021, all NYC Department of Education new hires (who are not currently employees of the City of New York) must provide proof of COVID-19 vaccination prior to beginning their employment unless they have been granted a reasonable accommodation for religious or medical reasons. More information can be found in Executive Order 75. DOE Non- Discrimination Policy It is the policy of the Department of Education of the City of New York to provide equal employment opportunities without regard to actual or perceived race, color, religion, creed, ethnicity, national origin, alienage, citizenship status, age, marital status, partnership status, disability, sexual orientation, gender (sex), military status, unemployment status, caregiver status, consumer credit history, prior record of arrest or conviction (except as permitted by law), predisposing genetic characteristics, or status as a victim of domestic violence, sexual offenses and stalking, and to maintain an environment free of harassment on any of the above-noted grounds, including sexual harassment or retaliation. For more information, please refer to the DOE Non-Discrimination Policy.