Chief Compliance Officer and Global Counsel, Data Protection and Corporate Responsibility

About The Position

Requirements

• Juris Doctor (JD) from an ABA-accredited law school
• Active U.S. bar license
• Fifteen plus (15+) years of progressive legal experience
• Demonstrated expertise in global regulatory compliance
• Knowledge of U.S. and European Union sanctions, anti-corruption, and data protection laws affecting multinational companies (e.g., U.S. Foreign Corrupt Practices Act, GDPR, NIST Cybersecurity Framework)
• Experience advising executive leadership with the confidence and credibility to deliver clear, candid, and business-oriented counsel
• Effectively balance local market requirements with an enterprise-wide perspective
• Willingness to travel up to five weeks per year

Nice To Haves

• Experience in hospitality, travel, technology, or consumer-facing industries
• Experience leading complex internal investigations
• Demonstrated leadership of global, multidisciplinary teams
• Experience managing compliance and data protection programs across distributed operations
• Experience interacting with government regulators and corporate Boards
• Experience with corporate responsibility initiatives, including AI governance, human rights protections, and environmental regulation

Responsibilities

• Ethics & Compliance Leadership Provide strategic legal counsel across a complex global portfolio, including bribery and anti-corruption (including U.S. Foreign Corrupt Practices Act compliance), fraud prevention, global sanctions, export controls, data privacy, mergers and acquisitions, and emerging regulatory areas governing corporate responsibility, including environmental sustainability, human rights, and AI governance.
• Lead the global compliance strategy and governance framework, including enterprise risk assessments, third-party risk management, due diligence, KPIs, monitoring and testing, and reporting to senior leadership and the Board.
• Engage directly with the Audit Committee on ethics, compliance, data protection, and emerging regulatory risk matters, including escalation of material issues.
• Provide quarterly in-person reporting to the CEO and Audit Committee.
• Advise on conflicts of interest and oversee enterprise-wide processes for identification, disclosure mitigation, and escalation consistent with global best practices.
• Evolve enterprise compliance training and communications to align with risk assessments, policy updates, monitoring results, emerging business practices, technology innovation, and geopolitical and sanctions-related risks.
• Investigations & Regulatory Engagement Direct and oversee responses to investigations, audits, and inquiries from global regulators and enforcement authorities, including the U.S. Department of Justice, Securities and Exchange Commission, Federal Trade Commission, and relevant authorities across Asia, Europe, the Middle East, Africa, and the Americas.
• Exercise independent judgment to ensure defensible, timely, and proportionate outcomes.
• Oversee the employee ethics hotline and ensure concerns are promptly reviewed, investigated, and escalated in accordance with company policies and ethical standards.
• Lead high-risk internal investigations involving alleged ethical or legal violations.
• Implement corrective and remedial actions that strengthen enterprise-wide compliance culture, governance, and accountability.
• Data Protection & Technology Governance Own and continuously enhance the enterprise data protection program, including global privacy policies, consent management frameworks, certifications and attestations, Data Protection Impact Assessments (DPIAs), transfer impact assessments, and responses to data subject requests.
• Enable compliant use of guest and partner data across jurisdictions while maintaining consistent global privacy and consent standards.
• Partner with the Chief Information Officer (CIO) and Chief Information Security Officer (CISO) to maintain a strong cybersecurity program, including incident response playbooks and cybersecurity exercises.
• Advise on global cybersecurity laws and regulatory requirements.
• Support responsible adoption of emerging technologies, including artificial intelligence, by establishing governance frameworks and model risk controls that promote innovation while mitigating legal and regulatory risk.
• Corporate Responsibility & Human Rights Advise on Hilton's enterprise human rights and environmental regulatory compliance strategy, including human rights due diligence in global supply chains.
• Integrate responsible business practices into owner, operator, and partner engagements.
• Support compliance with emerging global corporate responsibility regulations and reporting frameworks.
• Strategic Collaboration & Leadership Serve as a trusted advisor to the CEO, EVP & General Counsel, Executive Leadership Team, and Board of Directors on complex, cross-border compliance, data protection, and regulatory matters.
• Collaborate closely with Corporate Affairs, Communications, Human Resources, Technology, Commercial Services, Operations, Development, and regional leadership teams within a highly matrixed global organization.
• Chair or co-lead cross-functional governance forums, including Data Governance Councils and Sanctions or Human Rights Working Groups.
• Coordinate with external counsel and specialized advisors.
• Lead, mentor, and develop a global team of attorneys and compliance professionals, fostering a high-performance, inclusive culture.

Benefits

• Go Hilton travel program
• Employee stock purchase program
• Paid time off including parental leave