Data Privacy Officer

Virginia Information Technologies AgencyRichmond, VA
$155,000 - $178,250Hybrid

About The Position

The Virginia Department of Motor Vehicles is seeking an accomplished privacy executive to serve as Data Privacy Officer, a senior executive role reporting directly to the Commissioner. In this position, you will establish, direct, and continuously strengthen DMV's enterprise data privacy program, exercising agency-wide authority over data protection policy, privacy compliance, and risk management across approximately 2,200 employees, 75 service locations, and multiple enterprise systems that hold citizen personally identifiable information. This is a rare opportunity to build and lead a comprehensive privacy governance function from a position of real authority. You will directly oversee the Director of Records Access, the Director of Data Analytics, the Data Audits Program, and the Data Governance Program, giving you the scope and the team to shape how an entire agency protects the trust citizens place in it.

Requirements

  • Progressive experience in data privacy, information governance, or regulatory compliance, including experience in a senior leadership role with direct supervisory responsibility.
  • Expert knowledge of federal and state privacy law (Virginia Code § 46.2-208, VCDPA, the Privacy Act, DPPA) and its application to state agency operations.
  • Strong analytical ability to assess privacy risk, interpret complex legal requirements, and translate them into operational guidance.
  • Executive-caliber written and oral communication skills, with the ability to produce board-ready briefings, policy, and training materials.
  • Sound judgment and the integrity to provide frank compliance advice to senior leadership, even under pressure.
  • A collaborative leadership style and the ability to build cross-functional relationships and drive results through influence.
  • Working familiarity with data mapping, records management, and information security concepts sufficient to engage credibly with IT and legal counterparts.
  • Exposure to GRC platforms, enterprise data classification tools, and VITA SEC 530 standards.
  • A valid Virginia driver's license with no more than 6 demerit points, and the ability to pass a background investigation.

Nice To Haves

  • Certified Information Privacy Professional/Government (CIPP/G) or CIPP/US designation (IAPP).
  • Certified Information Privacy Manager (CIPM) or Certified Information Systems Security Professional (CISSP).

Responsibilities

  • Build and maintain an enterprise data privacy program aligned with the Virginia Consumer Data Protection Act (VCDPA), the Driver's Privacy Protection Act (DPPA), the Privacy Act, VITA SEC 530, and applicable federal frameworks.
  • Own and annually review agency-wide privacy policies and standards governing the full lifecycle of personally identifiable information.
  • Serve as the agency's designated Privacy Officer and primary point of contact for citizens, oversight bodies, and partner agencies.
  • Advise the Commissioner directly on privacy risk, regulatory change, and strategic data governance decisions.
  • Represent DMV before VITA, the Office of the Attorney General, DHRM, and other Commonwealth entities on privacy matters.
  • Direct the Data Audits Program, leading a rolling privacy risk assessment cycle and driving corrective action.
  • Conduct Privacy Impact Assessments for new or substantially modified systems and data-sharing arrangements.
  • Maintain the agency's data inventory and records of processing activities.
  • Lead the agency's response to privacy incidents, including required breach notifications, in partnership with the CIO and IT Security & Risk Management.
  • Provide direct supervision and strategic direction to the Director of Records Access and the Director of Data Analytics.
  • Set standards, performance expectations, and annual priorities for the Data Governance Program.
  • Review and approve data-sharing agreements, MOUs, and vendor contracts for privacy compliance.
  • Oversee citizen data subject access requests and privacy complaints in coordination with legal and records teams.
  • Design and deliver a tiered, role-based privacy training program reaching all DMV employees.
  • Monitor legislative developments affecting data privacy and brief agency leadership on operational impact.
  • Develop and execute a multi-year data privacy strategy aligned with the agency's broader strategic and technology roadmap.
  • Deliver executive-level briefings, dashboards, and annual reports on the state of the privacy program.

Benefits

  • telework eligibility
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service