Manager, Customer Privacy

San Francisco, California
14 Sep 2016
16 Nov 2016
Oil and Gas
Contract Type
Full Time

Based in San Francisco, Pacific Gas and Electric Company, a subsidiary of PG&E Corporation (NYSE:PCG), is one of the largest combined natural gas and electric utilities in the United States. And we deliver some of the nation's cleanest energy to our customers in Northern and Central California. For PG&E, "Together, Building a Better California" is not just a slogan. It's the very core of our mission and the scale by which we measure our success. We know that the nearly 16 million people who do business with our company count on our more than 24,000 employees for far more than the delivery of utility services. They, along with every citizen of the state we call home, also expect PG&E to help improve their quality of life, the economic vitality of their communities, and the prospect for a better future fueled by clean, safe, reliable and affordable energy.

Pacific Gas and Electric Company is an Affirmative Action and Equal Employment Opportunity employer that actively pursues and hires a diverse workforce.  All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, sex, age, religion, physical or mental disability status, medical condition, protected veteran status, marital status, pregnancy, sexual orientation, gender, gender identity, gender expression, genetic information or any other factor that is not related to the job.

Department Overview

In Customer Care, we are focused on delivering the desired customer experience for each of our customers. Everything we do starts and ends with the customer. We are focused on delivering safe, reliable and affordable service and delivering an exceptional customer experience to each and every customer.
Customer Operations Regulatory Strategy (CORS) is a division of Customer Care that delivers a broad range of expertise to drive integrated, cross-organizational solutions to complex business problems. By providing strategic counsel and program governance, CORS helps the Customer Care organization balance risk, compliance, regulation, operations, and customer experience. Key functional groups within CORS include Privacy; Risk, Compliance and Audits; Tariff Interpretation; Records and Project Management; and Regulatory Policy.

Position Summary

This position reports to the Customer Operation Regulatory Strategy (CORS) Senior Director, who reports to PG&E's Chief Privacy Officer (who is also the VP of Customer Operations). This role is responsible for managing the day-to-day operations of the privacy program for PG&E, including managing a team whose goals are to safeguard PG&E privacy through comprehensive privacy and data access governance, controls that protect data, workforce awareness and sensitivity training regarding the importance of privacy, investigation of privacy concerns, and ensuring clear responsibility for privacy-related deliverables throughout the enterprise. This role provides strategies and activities designed to ensure the privacy of PG&E's data assets and compliance with related laws and regulations. The team provides crucial subject-matter guidance and support to the enterprise to ensure the understanding of risks around, threats to, analysis of, strategy for and overall management of privacy and associated data.


• BA/BS or equivalent work experience in business or other relevant discipline
• 10 years of related experience, to include three years of leadership experience

Desired Qualifications ---------------------------
• Certified Information Privacy Manager
• Certified Information Privacy Professional
• Utility experience
• Experience with legal and regulatory compliance concepts
• Experience with risk management concepts • Passion for/interest in privacy/data policy/strategy
• Superior time management, planning, and organizational skills.
• Exceptional interpersonal skills, including teamwork, facilitation and negotiation
• Ability to solve unique and complex issues and problems
• Strong written and verbal communication skills, including ability to explain complex issues in clear and concise terms to executive audience
• Ability to think strategically and drive a team towards implementation
• Experience developing work plans in support of organizational goals
• Strong ability to manage major cross-functional initiatives
• Ability to use business understanding to help drive strategic decision making, and recommend areas for process improvements.
• Knowledge of Utility operations and/or operations in a highly regulated environment
• Experience managing a Privacy program


Privacy Program Leadership:

• Shapes Privacy strategies across the enterprise to address the risk related to the unauthorized use or loss of customer information.
• Benchmarks program externally to identify best practices in these areas and leads implementation of significant enterprise-wide cultural and program changes, improvements and enhancements.
• Participates in privacy forums, builds partnerships internally across PG&E, and helps ensure that the protection of privacy is embedded in PG&E's fundamental business practices and policies.
• Provides coaching and support to directors and officers on privacy strategies and approaches to implement in their organizations.
• Provides direct supervision, staffing, training, coaching and mentoring to Privacy team members. Assigns, prioritizes, and reviews project work, project initiatives, and special assignments.
• Manages and collaborates with team of subject-matter privacy experts to:
• Provide guidance on complex policy issues with enterprise impact, leveraging internal/external contacts to pressure test and refine solutions to mitigate risk and to drive privacy and data incident response and innovative resolution
• Maintain a high degree of privacy awareness across the enterprise and deliver enterprise training/education as needed.
• Review and/or create internal and external policies, standards, procedures, and controls related to access to enterprise data to ensure compliance with all relevant privacy and data protection laws and contractual commitments.
• Identify and analyze relevant privacy and data protection issues including required privacy notices, audits, regulatory filings, relevant process and infrastructure requirements, and industry trends and best practices. Develops and maintains relationships with other industry professionals.
• Oversee/lead the investigation and remediation of privacy-related incidents, events or breaches.
• Work closely with the Law Department on review and negotiation of applicable privacy and data protection language for affiliate, vendor, and customer agreements. Also interfaces with PG&E functions like IT Cyber-Security, Internal Auditing, Corporate Security, Compliance & Ethics, and Regulatory Affairs on policy-shaping alignment & integration of customer privacy in all facets of the business.
• Resolve complex regulatory and business problems, including potentially interacting with California state offices, the CPUC, etc.

Governance and Oversight:
• Provides governance and oversight over PG&E's privacy program, including Privacy operational plan, roadmap, etc.
• Develops and delivers monthly reporting on program maturity, risk, legal and regulatory compliance for senior leadership.
• Drives agenda and management of Privacy Committee (chaired by Chief Privacy Officer).
• Drives cross-functional engagement across the enterprise, including among senior leadership, to promote the protection of privacy.