Post Job Free
Sign in

Information Security Data Privacy

Location:
Jensen Beach, FL
Posted:
February 17, 2025

Contact this candidate

Resume:

JEFFREY D. BRIDGES

**********@*****.*** https://www.linkedin.com/in/jeffreybridges 478-***-****

Global Senior Leadership in Cyber-Security, Data Privacy, and Information Governance across regulated and non- regulated industries, including Aviation, Automotive, Education Technology, Energy, and Pharmaceutical. Efforts include assessing and implementing solutions for multi-national companies that provide safeguards and accessibility to maximize the value of the underlying content. Expertise in data management and separation with acquisitions and divestitures at multi-national corporations.

RELEVANT PROFESSIONAL EXPERIENCE

PACIFIC SUNWEAR OF CALIFORNIA, LLC – Anaheim, CA (PT Remote) 09.2023 to Present

(Major eCommerce fashion retailer)

Privacy Counsel

• Provided legal support for privacy program including use of cookies, beacons, pixels, and artificial intelligence. Maintained privacy notices and controls to ensure compliance and sustained alignment with recent and upcoming US states Privacy and Artificial Intelligence laws. TREASURE COAST INFORMATION PRIVACY SERVICES – Jensen Beach, FL 01.2023 to Present Founder, Information Governance / Data Privacy / Cyber-Security Services

• Cambiar Education - Provided guidance and operational support in developing Privacy and Cybersecurity infrastructure for start-up Ed Tech projects for a non-profit providing tutoring and literacy aid for K-12. Served as fractional Privacy Officer.

RENAISSANCE LEARNING (formerly Illuminate Education, Inc.) – Irvine, CA (Remote) 08.2021 to 01.2023

(Leading educational technology company)

Director, Data Privacy & Security-- Data Privacy Officer and Security Officer

• Developed security policies and controls based on NIST and ISO standards to protect Cloud based personal data of over 17 million students in 5200 schools and districts in fifty states. Controls addressed included Identity Access Management (IAM), Multi-Factor Authentication (MFA), and Mobile Device Management (MDM).

• Provided matrixed, cross-functional leadership and guidance related to FERPA and other federal and state privacy laws to ensure compliance and a positive user experience for all stakeholders of Illuminate’s various products and platforms.

• Provided Incident Response Planning implementation and execution for Illuminate Education and continuing to support it post-acquisition. Activities included cross-functional tabletop drills, interaction with Insurance carriers, and third-party support. Approach coordinated and integrated with engineering first response team for active threat response.

TREASURE COAST INFORMATION PRIVACY SERVICES – Jensen Beach, FL 01.2020 to 08.2021 Founder, Information Governance / Data Privacy / Cyber-Security Services Service offerings include:

• Assessment of current electronic and hard copy environments for compliance with NIST, ISO, and best practices offering solutions to enhance availability, security, and value of content.

• Evaluate environment to determine value proposition for usage of privacy management software and its implementation.

• Tabletop and other cross-functional exercises to ensure prompt investigations and response to potential exposure of proprietary and sensitive personal data.

• Custom-created policies, procedures, workflows, and schedules that reflect the unique culture of each client business. Approach addresses current and emerging states’ privacy legislation so as to provide a unified consistent approach to meeting requirements while not impeding the business workflows. JEFFREY D. BRIDGES **********@*****.*** Page 2 BOEING DISTRIBUTION SERVICES, INC. (formerly KLX Inc.) – Wellington, FL 02. 2017 to 10. 2019 Data Privacy Officer / Director, Information Governance Global Data Privacy Officer for multi-national aerospace company. SME for global data privacy-related topics, including negotiating, drafting, and reviewing privacy-related documents for vendors, processors, and other stakeholders.

• Led the review, development, and implementation of measures to create a global privacy program.

• Developed a comprehensive data map of physical and electronic data, assessments of content, training key stakeholders, as well as creation of Notices and Records of Processing Activities.

• Ensured that the twelve KLX entities in eight EU countries were compliant with GDPR by the 25 May 2018 deadline.

• Led transition of KLX Data Protection and Privacy efforts to Boeing globally with primary focus on US and EU privacy. Conducted Privacy Impact Assessments for new technologies, investigated and addressed potential data breach incidents, responded to data subject access requests, and reviewed policies and environment for compliance with California Consumer Privacy Act (CCPA).

• Advised and supported for Privacy by Design embedded in software and vendor onboarding workflow.

• Devised strategic plan for implementing an Information Governance program that included a cyber-security governance, risk, and compliance (GRC) structure that included information and physical security, third-party vendor assessments, monitoring, and incident response planning.

• Partnered with CISO in developing and implementing processes and controls that resulted in SOC 2 and ISO 27001 certification.

BOEHRINGER INGELHEIM PHARMACEUTICALS – Ridgefield, CT 02. 2010 to 12. 2016 Dual Roles:

Data Protection Officer, US

Data Protection / Privacy Officer in US for multi-national family pharmaceutical company. Established and directed strategic vision of US privacy program supporting global Data Protection requirements. Implemented ongoing monitoring of privacy activities to ensure continued compliance with relevant US laws, including HIPAA and state breach laws, as well as adherence to EU data protection requirements. Efforts ensured protection of sensitive patient data for clinical trials in compliance with all patient care guidelines. Annually reported findings to the Board of Directors in compliance with ongoing Corporate Integrity Agreement.

• Advocated and gained global acceptance of a process to assess vendors and their environments accessing or hosting Company information in the Cloud. Approach substantially reduced the risk of Confidential or Privacy data loss.

• Led and conducted cross-functional national team drills for Data Breach Preparedness to ensure prompt response in the event of unintended disclosure of privacy data. Scenarios included risks arising from Ransomware, cyber- security incidents, and Insider Threats, et al.

• Key member of global teams that led Operating Units worldwide in developing and monitoring various processes to ensure highest level of security for privacy data and company’s sensitive intellectual property. These efforts included ensuring that subsidiaries and outside business partners met the standards established by corporate data exchange agreements, EU Model Data Protection Clauses, and in preparation for GDPR implementation. Director, Information Governance

Applied a holistic approach to enterprise content that integrated Records / Information Management, Information Protection, Privacy, Cyber-security, and Knowledge Management into North America Information Governance program. Applied best practices in assessing and maturing of Program to ensure continued compliance with applicable legal / regulatory requirements for human and animal pharmaceuticals as well as litigation readiness.

• Implemented measures that addressed risks and threats while maximizing the value of the information. This framework served as the development model for company’s Global Information Governance program.

• Led teams in addressing Data acquisition or separation during purchase and / or sales of operating companies. Working with internal team and vendors, selected appropriate search tools and managed the separation of data, JEFFREY D. BRIDGES **********@*****.*** Page 3 including developing search terms, criteria, and scope of effort. These efforts played a key role in successful transitions of both asset and stock sales.

EDUCATION CERTIFICATIONS

• Member in Good Standing, State Bar of Georgia

• JD, Walter F. George School of Law, Mercer University, Macon, GA

• BA, Dual majors: History / Political Science, Mercer University, Macon, GA

• CERTIFICATE, Managing Projects, George Washington University, Arlington, VA

• CERTIFICATE, OneTrust Certified Privacy Professional (Inactive)

• CERTIFICATE, OneTrust Data Mapping Expert (Inactive)

• CERTIFICATE, OneTrust Vendor Risk Management Expert (Inactive)



Contact this candidate