Privacy & Data Governance Lead

About The Position

Requirements

• 10–15+ years of relevant experience in privacy, data governance, compliance, technology, consulting, legal, or a related field
• Experience advising senior executives and leading cross-functional initiatives across complex, matrixed organizations
• Experience leading privacy assessments, Privacy by Design reviews, and enterprise privacy initiatives
• Demonstrated expertise supporting direct-to-consumer, advertising technology, marketing technology, digital product, or consumer data environments
• Significant experience with privacy management technologies, including OneTrust
• Experience applying privacy and governance frameworks, including the NIST Privacy Framework, ISO/IEC 27701, or comparable standards
• Deep knowledge of privacy, data governance, and responsible AI frameworks, controls, regulations, and best practices
• Strong knowledge of global privacy and data protection requirements, including GDPR, UK GDPR, LGPD, and U.S. state privacy laws
• Expertise in Privacy by Design principles, privacy risk assessment methodologies, and privacy program management
• Demonstrated experience advising senior executives and stakeholders on privacy, data governance, and emerging technology risks
• Strong understanding of direct-to-consumer, advertising technology, marketing technology, digital product, and consumer data ecosystems
• Experience supporting privacy, data governance, or technology initiatives within media, sports, entertainment, broadcasting, streaming, digital content, or consumer-facing organizations
• Experience with consent management, identity resolution, data sharing, measurement technologies, and related privacy considerations
• Significant experience with OneTrust and privacy management technologies, including assessments, data mapping, consent management, and privacy operations workflows
• Familiarity with recognized privacy and governance frameworks, including the NIST Privacy Framework and ISO/IEC 27701
• Understanding of artificial intelligence governance principles, emerging AI regulatory requirements, and responsible use of personal, confidential, and restricted data in AI-enabled technologies
• Proven ability to influence and advise stakeholders and drive outcomes in a matrixed environment without direct authority
• Strong cross-functional collaboration experience across legal, technology, analytics, marketing, and business teams
• Sound business judgment with the ability to balance risk, compliance, and operational priorities
• Strong analytical, problem-solving, and strategic thinking capabilities
• Excellent communication skills, with the ability to translate complex concepts into clear, actionable guidance

Nice To Haves

• Professional privacy certifications such as CIPP/US, CIPP/E, CIPM, or CIPT strongly preferred

Responsibilities

• Partner with the Chief Privacy & Data Governance Officer to advance the NBA’s privacy and data governance strategy
• Advise senior executives and stakeholders across departments, regions, and affiliated leagues on privacy and data governance requirements and risk considerations, providing business-aligned recommendations
• Lead cross-functional collaboration with Legal, Compliance, Technology, Data Strategy & Analytics, Cybersecurity, and business teams to identify privacy and governance risks and develop practical recommendations
• Assess data practices to identify privacy, governance, and data quality risks; recommend and drive mitigation strategies
• Support development and implementation of global privacy and data governance policies, frameworks, standards, and operational guidance
• Lead governance and continuous improvement activities associated with the NBA’s OneTrust platform and privacy management processes
• Lead Privacy Impact Assessments (PIAs), Data Protection Impact Assessments (DPIAs), and Privacy by Design reviews for new technologies, products, business initiatives, and data uses
• Serve as a subject matter expert on privacy considerations related to media, broadcasting, digital content, audience measurement, direct-to-consumer platforms, advertising technology, marketing technology, digital products, analytics, artificial intelligence, and emerging technologies
• Advise stakeholders on the responsible use of artificial intelligence, machine learning, and automated decision-making technologies with personal, confidential, and restricted data
• Monitor evolving privacy, data governance, artificial intelligence, and emerging technology requirements and assess potential impacts to NBA business activities, including developments related to the EU AI Act and other emerging global regulatory frameworks
• Support alignment of privacy and governance activities with recognized frameworks and standards, including the NIST Privacy Framework and ISO/IEC 27701
• Translate policies and strategy into practical guidance, tools, and processes for stakeholders
• Advise senior leaders on emerging privacy, data governance, and AI-related risks, industry trends, and leading practices to support informed decision-making and responsible innovation
• Develop and deliver communications, training, and awareness initiatives to strengthen privacy and data governance capabilities across the enterprise
• Serve as a key internal advisor and connector, driving alignment across teams on complex privacy, data governance, and responsible data use matters

Benefits

• medical
• dental
• vision
• life/AD&D insurance
• short- and long-term disability
• fertility and family-forming assistance
• wellbeing allowance
• educational assistance
• mental health coaching/therapy
• tax advantaged accounts such as HSA and healthcare/dependent care FSAs
• a 401(k) retirement plan
• time off benefits that include vacation, sick time, and personal days
• annual discretionary performance bonus