Skip Navigation
Office Directory
Compensation and Classification
Positions Descriptions
Position: Data Privacy & Security Administrator

Position: Data Privacy & Security Administrator

Print this Page

Position Description

Position Title:
Position: Data Privacy & Security Administrator
Reports To:
Chief Information Officer
Job Code:
309
Classification:
Executive
Organization:
Office of Chief Information Officer
Revision/Review Date:
June 14, 2024
Grade:
1

Position Summary:

Under the direction of the Chief Information Officer, the Data Privacy and Security Administrator will be responsible for establishing and administering the school system’s approach to data privacy, data governance and data security.  The incumbent of this position performs highly complex administrative functions in compliance with all laws, rules and regulations related to data privacy and the protection of student and staff personal information.  The Data Privacy and Security Administrator is responsible for monitoring, documenting, reporting and resolving any unauthorized access or misuse of data.  The incumbent of this position reviews, analyzes and drafts related administrative procedures and standard operating procedures in support of data privacy and security.  

Duties and Responsibilities:

  • Leads the development of policies and procedures for governing how data should be collected, used, stored and shared;
  • Leads strategic data privacy initiatives such as implementing new technologies in the area of data protection and cyber security;
  • Serves as the senior subject matter expert in data privacy and records management laws, trends and best practices in data privacy protections, emerging educational technologies, and organizational governance and accountability models;
  • Develops and implements effective internal controls for ongoing monitoring and evaluation of data privacy and security;
  • Coordinates investigations of incidents of unauthorized access or misuse of data;
  • Designs and provides training on best practices for handling sensitive information;
  • Ensures the school system remains in compliance with all laws, rules and regulations related to data privacy and the protection of student and staff personal information;
  • Ensures that all procurement contracts involving information or educational technology software meet acceptable data privacy, security and interoperability standards;
  • Represents PGCPS in the development of data sharing agreements with vendors and/or other government agencies; negotiates with vendors on data privacy contract articles;
  • Establishes, maintains and manages relationships with internal and external stakeholders related to data privacy and security to ensure compliance with the terms and conditions of the school system’s data privacy specifications;
  • Informs and cultivates awareness on privacy and data protection at all levels of the school system;
  • Leads the school system in incident response planning in the event of a data breach and conducts regular training exercises in this area; and
  • Performs other duties as assigned.

Qualifications:

  • Knowledge of data protection laws, regulations and best practices;
  • Knowledge of school system’s information systems, data security and data protection needs;
  • Knowledge of data governance models for large organizations and incident response planning for data breaches;
  • Strong interpersonal skills, including the ability to interact timely and effectively with senior level administration, colleagues, vendors and external stakeholders;
  • Project management skills to implement new technologies that impact data privacy and protection;
  • Team leadership skills to lead incident response planning exercises;
  • Ability to effectively communicate both verbally and in writing, including the ability to convey complex and technical subjects in a clear, concise and positive manner;
  • Ability to think strategically, conceptually and analytically to assess opportunities for improvement, identify and consider potential solutions, and make timely recommendations; and
  • Ability to conduct assessments of software solutions against all applicable data privacy laws and regulations.

Education and/or Experience Requirements:

Bachelor’s degree from an accredited college or university in information security, computer science or a related field required; Master’s degree preferred. A minimum of five (5) years of successful experience in data privacy management and education/information technology required.

Certification:

None required.

Supervisory Responsibilities:

Oversees and provides guidance and direction to assigned personnel.

Physical Demands:

The physical demands are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to stand, talk, hear, walk, sit, and use fingers, tools or controls. The employee is occasionally required to reach with hands and arms and stoop, kneel, crouch, or crawl. Specific vision abilities required by this job include close vision such as to read handwritten or typed material, the ability to adjust focus, and depth perception. While performing the duties of this job, the employee may occasionally push or lift up to 25 lbs.

Working Environment:

The work environment characteristics are representative of those an employee encounters while performing the essential functions of the job.

Additional Information:

None

Chat window