Chief Privacy Officer

About The Position

Requirements

• JD
• Minimum 15 years of experience across privacy, data protection, compliance, legal, or risk roles, with strong legal and regulatory experience and comprehensive multi-jurisdictional fluency.
• Includes at least 5 years in a senior leadership capacity with global leadership experience.
• Experience in Property & Casualty insurance is preferred.
• Willingness to travel internationally as needed.
• Demonstrated experience in leading high-performing teams
• Designing scalable operating models, process improvement, data strategy and analytics, and delivering measurable outcomes.
• Executive communication and stakeholder management skills are essential, including the ability to influence enterprise-wide outcomes and navigate competing priorities.

Responsibilities

• Develop and maintain an enterprise privacy strategy aligned with business objectives and regulatory requirements, driving alignment and adoption through partnership and influence across business and functional leaders. Establish governance structures, policies, standards and accountabilities.
• Own and operate enterprise compliance programs for all applicable global and U.S. state privacy regulations, including CCPA and GDPR. Track, assess, and operationalize new and evolving privacy laws, ensuring timely updates to policies, procedures, and controls.
• Design and implement a scalable privacy operating model with defined roles, career pathways and decision rights.
• Oversee the development and execution of privacy processes including data lifecycle management, Data Protection Impact Assessments (DPIAs), consent and preference management, data subject rights, third-party risk management, and incident response. Manage consumer rights and privacy request programs. Coordinate with Information Security and Legal on breach notification obligations in accordance with applicable regulatory requirements.
• Lead with an improvement mindset and apply continuous improvement methodologies to optimize process efficiency, consistency and evidence collection for audit readiness and to maximize team and enterprise resources.
• Develop and maintain analytics to forecast demand, plan capacity, track throughput and illustrate privacy risk to business leaders through dashboards and heat maps.
• Standardize monitoring, testing and evidence artifacts; coordinate internal and external audit activities; track remediation and control effectiveness.
• Collaborate with IT and Cybersecurity to embed privacy-by-design principles and privacy-enhancing technologies; prioritize automation to reduce manual effort. Advise product and technology teams on privacy requirements at the design and development stages. Develop and maintain enterprise privacy notices and consent frameworks to ensure clarity, accuracy, and regulatory compliance.
• Lead a global privacy organization and provide strategic, forward-looking advice to senior leaders and business units, serving as a trusted go-to advisor on privacy risk, emerging regulatory trends, and responsible data use.
• Implement role-based training, establish issue intake and triage processes, and measure adoption and effectiveness.
• Provide cross-functional privacy leadership in support of the enterprise’s Responsible AI governance framework. Partner with risk, data science, technology, legal, and compliance stakeholders to assess privacy risks in AI and automated decision-making and ensure that data use in AI systems is consistent with regulatory obligations, consumer expectations, and company values.

Benefits

• Comprehensive benefits
• Workplace flexibility
• Professional development opportunities
• Opportunities provided through our Employee Resource Groups