Principal Risk Manager, Privacy, WW SPS Tech PMO

About The Position

Requirements

• Bachelor's degree or equivalent in Risk Management, Business Administration, Security Management, or a related field
• 10+ years of risk management, audit, legal, compliance, operations, or a similar discipline experience
• Experience working cross-functionally with tech and non-tech teams
• Experience using data and metrics to back up assumptions and develop business cases
• Experience with cross functional project or program delivery
• 8+ years of communicating with and presenting to executive and senior audiences experience
• Experience in Privacy Law
• Experience communicating with customers, technical, regulatory, business teams, and management to collect requirements, describe product features, and technical designs

Nice To Haves

• Experience with data privacy operations including Data Subject Access Requests (DSAR) and data deletion/retention frameworks
• CIPP/E, CIPP/US, CIPM, or other recognized privacy certification
• Experience with privacy-by-design principles and their application in large-scale technology environments
• Experience managing regulatory escalations involving Data Protection Authorities (e.g., ICO, EU DPAs)
• Familiarity with Amazon's development lifecycle and data management systems

Responsibilities

• Own SPS Privacy strategy, priorities, mechanisms, and execution across all Seller data processing activities worldwide
• Drive compliance with GDPR, CCPA, and emerging privacy regulations across hundreds of SPS applications
• Influence 5+ VP organizations to prioritize privacy investments, navigating tension between Seller experience, legal requirements, and competing business priorities
• Resolve organizational ambiguity and ownership gaps requiring Director/VP alignment across multiple technical and business teams
• Lead strategic escalations to VP/SVP leadership with high-quality written documents informing risk exposure and compliance posture
• Define and own annual privacy goals, including Data Subject Access Requests (DSAR), Account Closure and Data Deletion (ACDDR), and automation coverage targets
• Partner with Amazon Privacy, Legal, and Privacy Bar Raisers to define obligations and influence tooling roadmaps
• Monitor emerging regulatory enforcement actions and proactively de-risk the business
• Make high-judgment trade-offs between compliance deadlines, business opportunity, and resource constraints in a historically under-invested domain

Benefits

• health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
• 401(k) matching
• paid time off
• parental leave
• sign-on payments
• restricted stock units (RSUs)