Why should you join our team? American AgCredit offers a unique opportunity to be a part of a national financial system supporting those who feed, clothe and fuel the world. We are a growing organization embracing collaboration and innovation while delivering transformative solutions. American AgCredit provides a cultivating environment where you truly make a difference for our customers and teams. Benefits offered by American AgCredit: Commitment to agriculture and the communities we serve Family friendly work environment Investment in employee development Medical, Dental and Vision coverage Outstanding 401k – automatic 3% employer contribution, plus match up to 6% Generous Paid Time Off (Vacation accrued at 26 days annually, Sick Days accrued at 15 days annually, 12 paid holidays, plus 16 hours of volunteer time) Competitive Incentive Compensation Plan Disability & Life Insurance Employee mental, physical, and financial wellness programs The position is bonus eligible based on association and personal performance Position will be posted until filled. BASIC FUNCTION: The Privacy and Information Governance Compliance Program Manager is responsible for designing, implementing, and maturing the Association’s enterprise Privacy Program in alignment with regulatory requirements, industry standards, and evolving organizational needs. This role serves as the Association’s primary privacy subject-matter expert and liaison to internal stakeholders, customers, regulators, and auditors. The Privacy and Information Governance Compliance Program Manager works independently and collaborates with business units within all three lines of responsibility to manage risks arising from operational, technological, and AI-driven changes affecting privacy. ESSENTIAL DUTIES: Under the oversight and direction of the Executive Head of Compliance, Ethics, and Regulatory Management, this position is responsible for the following: Governance & Program Leadership Establish, design, and implement a structured framework for the Privacy Program, ensuring a clear delineation of roles and responsibilities for privacy and information governance-related tasks and fostering cross-functional collaboration by involving relevant cross-functional stakeholders through the RACI model. Develop, implement, and maintain comprehensive privacy policies, procedures, work instructions, and governance structures, ensuring ongoing alignment with best practices and regulatory requirements. Develop and routinely update comprehensive policies and procedures governing privacy and data protection for customers and employees, ensuring these guidelines reflect actual business practices and personal data management. Prepare and review privacy notices, disclosures, and customer communications to ensure clarity, transparency, and compliance with disclosure obligations. Establish and maintain clear, actionable protocols for responding to data breaches, aligning response plans with regulatory requirements and organizational operations. Ensure ongoing compliance with privacy regulations by regularly reviewing and revising documentation to accurately represent day-to-day handling of sensitive information. Drive alignment between the Privacy Program, Operational Risk Management Framework, Information Governance, and IT Control efforts. Privacy Impact Assessment (PIAs) & Risk Management Build, implement, and integrate a holistic and scalable Privacy Impact Assessment process to systematically evaluate risk and controls for new products, services, emerging technologies (AI, machine learning, and cloud services), or business processes for privacy risks and recommend mitigation strategies. Assist in the assessment and monitoring of third-party service providers to ensure they meet organizational privacy and data protection standards through tools such as standardized questionnaires, contractual clauses, etc.) and determine the cadence of these efforts. Monitor regulatory changes by staying informed about evolving privacy laws and regulations (such as GLBA, GDPR, CCPA, and other applicable standards) and proactively update policies and practices to maintain compliance, when applicable. Oversee and coordinate the process for responding to individuals' requests to access, correct, delete, or obtain copies of their personal data, ensurinweg all responses are timely and comply with legal and regulatory requirements. Partner with stakeholders to perform regular cross-functional risk assessments. Compliance Monitoring, Metrics & Reporting Design, implement, and maintain a comprehensive privacy monitoring framework that enables continuous oversight of data protection practices, supports the timely identification and escalation of privacy risks, ensures regular and actionable reporting to the Board of Directors, and incorporates robust change management workflows to adapt to evolving regulatory requirements and organizational changes. Design, implement, and continuously refine key priva