Senior Privacy Operations Manager

Tenneco is one of the world's leading designer, manufacturers and marketers of automotive products for original equipment and aftermarket customers, with approximately 78.000 team members working at more than 300 sites worldwide. Through our four business groups, Motorparts, Ride Performance, Clean Air and Powertrain, Tenneco is driving advancements in global mobility by delivering technology solutions for diversified global markets, including light vehicle, commercial truck, off-highway, industrial, motorsport and the aftermarket.

Job Title: Privacy Operations Manager, Snr

Location: Hybrid (Illinois or Michigan)

Tenneco is one of the world's leading designers, manufacturers and marketers of automotive products for original equipment and aftermarket customers, with approximately 66,000 team members working at more than 200 sites worldwide. Through our four business groups, DRiV, Performance Solutions, Clean Air and Powertrain, Tenneco is driving advancements in global mobility by delivering technology solutions for diversified global markets, including light vehicle, commercial truck, off-highway, industrial, motorsport and the aftermarket.

This position is responsible for leading privacy-preserving technologies and implementing privacy by design and default to ensure operational excellence and execution of global data privacy laws such as GDPR, PIPL, LGPD, AI and other applicable regulations.

The Privacy Operations Manager will be a meticulous, proactive, and innovative professional, adept at implementing and upholding legal and technical standards from regulations, policies and procedures. The role will oversee technical risk evaluations and contribute to information security, architectural, and risk-related projects. The individual will collaborate with an integrated team of architects, risk, and security engineers to assess systems, tools, and services that affect data and privacy compliance.

The position may be based in Illinois or Michigan and reports directly to the Chief Privacy Officer of the company.

Essential Duties and Responsibilities

• Conduct privacy reviews for all personal data processing activities and projects.
• Identify and implement privacy requirements for systems and technologies that process personal data.
• Collaborate with technical and business teams to review products, services, and projects that process personal data.
• Analyze technical designs and implementations to develop solutions that adhere to privacy by design and default principles.
• Work with privacy counsels, IT security, architecture, and other business teams to establish legal and technical safeguards.
• Lead privacy risk management processes, including conducting Privacy Impact Assessments (PIAs), Data Protection Impact Assessments (DPIAs), Records of Processing Activities (ROPAs), Data Mapping and AI Risk Assessments.
• Automate workflows, privacy controls, and risk management using process methodologies and tools. Ensure all privacy risks from assessments are properly captured, communicated and treated by risk owners.
• Address technical and legal requirements around cross-border data flows, design requirements for data localization, cookies and similar tracking technologies, vendor risk assessments, and consent management across our technological stack.
• Evaluate privacy controls and identify gaps in compliance with data protection and privacy regulations in systems, services and products, and support finding remediation solutions.
• Manage the lifecycle of Data Subject Requests (DSRs) program.
• Represent and advocate for privacy by design and default principles in technical review boards.
• Develop and implement metrics and dashboards for reporting and monitoring privacy operations.
• Perform all other tasks and activities as may be assigned from time to time such as the management of privacy incidents to advance privacy compliance, data protection and privacy by design and default objectives.

Minimum Requirements

Education:

• Degree in computer science, software engineering, data protection, privacy, cyber security, regulatory compliance, or a related field required.
• JD, law license or similar qualification (highly desirable).
• One or more of the following certifications required: CIPP, CIPT, CDPSE, CIPM, CISM, CISSP.

Experience: Minimum of 8 years of experience in relevant field required.

Skills

• Strong understanding and experience in technology, software, data analytics, data management, and data integration processes.
• Strong knowledge and experience with Privacy by Design and Default methodologies.
• Excellent writing skills and ability to simplify technical material for diverse audiences.
• Strong collaboration, interpersonal, and organizational skills.
• Hands-on experience with regulatory compliance frameworks such as GDPR, CCPA, PCI DSS, ISO 27001, ISO 42001, SOX, TISAX, NIST CSF.
• Proficiency in Microsoft Excel, PowerPoint, Power BI, and other Microsoft tools.
• Extensive experience performing PIAs, DPIAs, ROPAs, and other key privacy activities.
• Experience managing and responding to Data Subject Requests (DSRs).
• Proven ability to manage and deliver privacy projects, including timelines, documentation, and cross-functional coordination.
• Advance knowledge and experience implementing privacy by design and default into information systems.
• Experience working in a multinational organization with a fast-paced environment.

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

ability.

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.