Sr. Data Privacy Manager

At Kia, we’re creating award-winning products and redefining what value means in the automotive industry. It takes a special group of individuals to do what we do, and we do it together. Our culture is fast-paced, collaborative, and innovative. Our people thrive on thinking differently and challenging the status quo. We are creating something special here, a culture of learning and opportunity, where you can help Kia achieve big things and most importantly, feel passionate and connected to your work every day.

Kia provides team members with competitive benefits including premium paid medical, dental and vision coverage for you and your dependents, 401(k) plan matching of 100% up to 6% of the salary deferral, and paid time off. Kia also offers company lease and purchase programs, company-wide holiday shutdown, paid volunteer hours, and premium lifestyle amenities at our corporate campus in Irvine, California.

Status

Exempt

Summary

The Sr. Data Privacy Manager oversees daily data privacy operations across all Kia North America affiliates, ensuring compliance monitoring, proper handling of data subject requests, and accurate recordkeeping is taking place according to company policies and best practices. Implement data protection strategies and internal controls to prevent data misuse while ensuring adherence to data privacy policies. Develop and deliver employee training, maintain privacy documentation, and conduct internal audits to identify compliance gaps. 

Support Data Protection Impact Assessments (DPIAs) with Legal team and participate in IT projects, system architecture reviews, and PII processing contracts. Ensure vendor agreements include data privacy protections and monitor third-party compliance. Collaborate with IT, Information Security, Legal, and HR teams to implement privacy measures and support regulatory inquiries. Work with the Customer Care team in handling PII-related complaints, investigations and resolution management.
 

Major Responsibilities

1st Priority - 20%

Operational Privacy Oversight

• Manage day-to-day data privacy operations, including recordkeeping and compliance monitoring.
• Ensure proper handling of data subject requests (e.g., access, deletion, or modification).

2nd Priority - 20%

Policy Implementation

• Implement data protection strategies and compliance frameworks while monitoring adherence to data privacy policies across departments
• Establish an internal control and monitoring system to prevent the leakage, misuse, and abuse of personal information

3rd Priority - 20%

Training & Documentation

• Develop and deliver privacy training materials for employees.
• Maintain records of processing activities and ensure documentation accuracy.

4th Priority - 20%

Audits & Assessments

• Conduct internal audits to identify gaps in privacy compliance.
• Support Legal with the DPIA (Data Protection Impact Assessments) for new projects or business initiatives.
• Monitor IT projects to ensure compliance with relevant regulations while reviewing system architecture based on the PII life cycle

5th Priority - 10%

Vendor & Contract Review

• Review and manage vendor agreements, ensuring data privacy clauses are included and enforced, while overseeing contracts related to the outsourcing and delegation of PII processing. 
• Monitor third-party compliance with the organization's data protection requirements.

6th Priority - 10%

Privacy Program Support

• Collaborate with IT, Information Security, Legal, and HR teams to implement technical and organizational measures that demonstrate reasonable security procedures and practices are in place in accordance with privacy regulations.
• Support the Data Privacy Director and Legal in responding to regulatory inquiries and investigations.
• Assist the Customer Care team in managing customer PII matters and develop a structured process for handling customer complaints related to PII processing and protection.

Education/Certification

• Bachelor’s degree in law, computer science, information technology or security, business administration, or a related field required
• Advanced degree preferred.
• Certification in data privacy (e.g., CIPP/E, CIPM, or equivalent) preferred.
• One or more of the following cybersecurity certifications are highly desired:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified in Risk and Information Systems Control (CRISC)
     

Overall Experience

• Minimum of 8 years of experience in privacy, data protection, or compliance roles.
   

Directly Related Experience

• Minimum of 8 years of experience in privacy, data protection, or compliance roles.
• Proven track record of developing and implementing privacy strategies in a complex organization.
• In-depth knowledge of US/states privacy laws and regulations such as CCPA, CPRA, HIPAA, etc.
• In-depth knowledge of International Privacy Standards such as GDPR and ISO 27701
• Familiarity with Canadian and Mexican privacy laws and regulations preferred.
   

Skills

Ability to interpret and apply privacy regulations in a business context.Excellent written and verbal communication skills.Strong organizational and project management skills.

Competencies

Care for PeopleChase Excellence, Every DayDare to Push BoundariesEmpower People to ActMove Further, Together

Pay Range

$105,532 - $146,708

Pay will be based on several variables that are unique to each candidate, including but not limited to, job-related skills, experience, relevant education or training, etc.

 

Equal Employment Opportunities

KUS provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, ancestry, national origin, sex, including pregnancy and childbirth and related medical conditions, gender, gender identity, gender expression, age, legally protected physical disability or mental disability, legally protected medical condition, marital status, sexual orientation, family care or medical leave status, protected veteran or military status, genetic information or any other characteristic protected by applicable law.  KUS complies with applicable law governing non-discrimination in employment in every location in which KUS has offices.  The KUS EEO policy applies to all areas of employment, including recruitment, hiring, training, promotion, compensation, benefits, discipline, termination and all other privileges, terms and conditions of employment.

 

Disclaimer:  The above information on this job description has been designed to indicate the general nature and level of work performed by employees within this classification and for this position.  It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.