Director, Privacy and Data Governance

Under the direction of the Chief Legal Officer, the Director, Privacy and Data Governance plays a leading role in shaping and executing the organization’s privacy strategy, including policies, procedures, and initiatives. This position will be responsible for the oversight of all privacy programs/plans to ensure that leaders, management, and colleagues comply with all applicable law governing the business, including but not limited to federal and state laws.

Additionally, this role will create and complete risk assessments to identify and suggest prioritization of privacy risk for the organization, training and awareness, and determine how to maintain and improve adherence to regulatory requirements and corporate policies.

Key Responsibilities

• Develop, implement, and maintain Privacy policies, practices and procedures, working collaboratively with stakeholders across the organization.
• Assist business units with development of tools and methodologies to ensure on-going compliance (e.g. DPIAs, data mapping, privacy-by-design).
• Act as the primary resource for the organization and offer guidance when needed.
• Ensure all business and data management processes reflect privacy requirements and comply with laws and regulations.
• Coordinate closely with cross-functional internal teams to design our internal and external narrative regarding policy matters.
• Ensure the company stays ahead of changes in Privacy law and regulations that impact our business, and work closely with and collaborate with the leadership team and other internal stakeholders to assess the impact of the changes to organizational goals.
• Assist in the establishment of corporate strategies, policies, and plans which align with government laws, regulations, and standards.
• Assess and identify areas of policy, security and financial compliance, privacy vulnerabilities and risk.
• Lead the organization’s response to privacy-related incidents.
• Work to ensure the organization maintains appropriate privacy and confidentiality consent procedures, authorizations, and information notices.
• Work across other departments to ensure that third-party contracts and operating level agreements meet applicable privacy requirements. Conduct regular privacy policy compliance assessments to ensure the privacy policies are being adhered to.
• Establish a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning the organization’s privacy policies and procedures
• Craft training and awareness programs or provide updates when necessary.

About You

• Bachelor’s degree required; JD or Master’s degree in Policy Administration or related combination of experience and skills preferred.
• A minimum of 7-10 years of experience in privacy and data protection, preferably in finance/technology areas
• CIPP certification (e.g., CIPP/US, CIPP/E, CIPM, CIPP/C)　
• Highly organized, detail-oriented, dependable team player, who thrives in high growth and fast-paced environments
• Ability to manage competing demands, shifting priorities, and the interests of multiple stakeholders
• Excellent communication and interpersonal skills
• Proactive and collaborative, with a deep sense of personal accountability, ownership, and pride in your work

Visa sponsorship is not available for this position.