Main Office: 800 Philadelphia Street, Indiana, PA 15701

Akron: 491 North Cleveland-Massillon Road, Akron, OH 44333

Altoona: 1100 Logan Boulevard, Altoona, PA 16602

Camp Hill: 3314 Market Street, Camp Hill, PA 17011

Cuyahoga Falls: 2032 front Street, Cuyahoga Falls, OH 44221

Downingtown: 4 Brandywine Avenue, Downingtown, PA 19335

Ebensburg: 3135 New Germany Road, Ebensburg, PA 15931

Greensburg: 701 East Pittsburgh Street, Greensburg, PA 15601

Independence: 6133 Rockside Road, Independence, OH 44131

Kennett Square: 215 East Cypress Street, Kennett Square, PA 19348

McCandless: 9100 Covenant Avenue, Pittsburgh, PA 15237

Work Days and Expected Hours:

Monday - Friday: 8:00 AM - 5:00 PM

(Additional hours as necessary to meet the objectives of the department).

Function: Manages the day-to-day activities of the Privacy Office within Compliance Risk Management, driving the strategy for compliance with existing and new laws and regulations. Develop cross function business relationships and foster a strong risk management culture within the Bank. This includes collaborating on strategy for data privacy compliance, providing guidance and expertise to all lines of business, and supporting the response efforts related to privacy incidents. The individual will manage the Data Privacy Program by identifying, evaluating and mitigating privacy-related risks, developing privacy related processes, policies, and procedures, and providing privacy guidance to the business lines. The position provides assistance and support for performing product/service/vendor risk assessments, responding to data privacy-related consumer complaints, and root cause analysis.

Duties and Responsibilities:

• Maintains current in-depth knowledge of federal and state laws and regulations related to data privacy consumer protection.Responsible for possessing a thorough knowledge of S&T's Consumer Compliance Program, policies, procedures and processes.As appropriate within the organization, communicates issues related to business operations, regulatory developments, emerging issues, or other risk issues.

• Maintains current in-depth knowledge of federal privacy breach notification requirements, and collaborates with other operational lines, including the Information Security department to comply.

• Prepares reports and provides updates to the Compliance Committee and the Data Governance Council as requested.

• Obtains and maintains the designation of Certified Information Privacy Professional (CIPP) or Certified Information Privacy Manager (CIPM).

• Supports the Chief Privacy Officer with designing and maintaining a risk-based consumer compliance data privacy program and makes suggestions for continuous improvement. Ensures that departmental procedures are maintained.

• Assists with the corporate compliance policy review and development including researching new and amended regulations to determine impact on the Bank.

• Collaborate with business lines to assess privacy-related controls to ensure compliance with applicable laws and regulations and provide credible review and challenge of the first line of defense controls.

• Assists with the development and/or updating privacy-related compliance training modules.

• Assists in the completion of the product/service/vendor compliance risk assessments.

• Assists with responding to consumer complaints related to privacy concerns.

• Works with Marketing to ensure the Bank's Privacy Notices are updated as necessary.

• Assists with Privacy Assurance Reviews.

• Manages the Data Privacy Manager system, including ensuring the data maps are updated and correct, reviewing consumer requests to determine our compliance requirements, and tracking each consumer request from intake to closure.

• Maintains a good working relationship with all S&T employees and adheres to S&T's culture.Demonstrates a strong ability to work independently, as well as motivated to work as a team player to contribute to the success of the department and in turn, the organization.

• Performs additional duties as assigned.

Physical Demands

Approximately 70% of the day is spent operating a keypad device. The primary parts of the body involved in performing these tasks are fingers, thumbs and hands. Must be able to occasionally lift and/or move up to 20 lbs. Use of electronic equipment is required 100% and use of a mouse, if requested, 80% of the business day. Specific vision requirements include close vision of 18"-20" for computer work. 100% of the business day requires sitting straight. Reasonable accommodations may be made to enable individuals with disabilities to perform essential function.

Education

Requires a four-year college degree or equivalent. Major or area of specialization: Bachelor's degree in Business Administration, Data Science, Legal Studies, or related business degree. Holds a relevant professional certification or is willing to obtain one.

Experience

Requires five to ten years general experience with two to five years in a Privacy-related role, preferably at a financial institution or as a consultant.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

Salary Range: