What are the responsibilities and job description for the Privacy Compliance Specialist III position at Simmons Bank?
We're committed to bringing passion and customer focus to the business.
The Privacy Compliance Specialist will support the organization's privacy program, ensuring compliance with applicable laws, industry standards, and internal policies. This role requires a professional with legal training and a strong understanding of privacy laws such as CCPA/CPRA, GLBA, HIPAA, and other relevant regulations. The ideal candidate is an attorney with practical experience in data privacy, information governance, and regulatory compliance.
Essential Duties and Responsibilities:
*Monitor and interpret changes in global, federal, and state privacy laws; advise internal stakeholders on regulatory impact.
*Draft, review, and maintain privacy-related policies, procedures, and standards across business units.
*Conduct privacy impact assessments (PIAs) and advise on data use in new projects, systems, and third-party engagements.
*Review contracts, data processing agreements (DPAs), and vendor relationships for privacy compliance.
*Provide regulatory guidance on the collection, use, storage, transfer, and disposal of personal data.
*Investigate, assess, and document privacy incidents and data breaches; assist with regulatory reporting as needed.
*Support training and awareness initiatives to promote a culture of privacy across the organization.
*Partner with IT, InfoSec, HR, Marketing, Product, and other teams to implement privacy by design and data minimization principles.
*Conduct internal audits and assessments of data privacy controls.
*Assist with responding to data subject access requests and customer or regulator inquiries.
Qualifications:
Education:
*Juris Doctor (JD) from an accredited law school.
Experience:
*2-4 years of professional experience in privacy, data protection, or compliance.
*Experience working in the financial services industry is preferred.
Certifications (Preferred but not required):
*Certified Information Privacy Professional (CIPP/US, CIPP/E)
*Certified Information Privacy Manager (CIPM)
*Other relevant certifications (e.g., CIPT, CISSP, CISA)
Skills:
*Strong working knowledge of privacy laws (e.g., CCPA/CPRA, GLBA, HIPAA).
*Strong contract review skills specific to data protection clauses.
*Excellent legal research, writing, and communication skills.
*Ability to communicate complex legal and compliance issues to non-legal stakeholders.
*Experience with data mapping, data governance, and privacy tools (e.g., OneTrust, TrustArc) is a plus.
Equal Employment Opportunity Information: Simmons First National Corporation and its subsidiaries are committed to a policy of equal employment with respect to a person's race, color, religion, sex, ancestry, sexual orientation, gender identity, national origin, covered veterans, military status, physical or mental disability or any other legally protected classifications. Simmons First National Corporation and its subsidiaries are committed to Affirmative Action Programs consisting of results-oriented procedures to ensure equal employment opportunities. These programs require positive action in lieu of neutral non-discrimination and merit hiring/performance policies.