Legal & Compliance - Data Compliance & Risk, SVP

About The Position

Requirements

• 10+ years of experience in compliance, risk management or governance, with expertise in one or more of the following domains: privacy, cybersecurity, records/information governance, or AI ethics/risk.
• Strong understanding of regulatory frameworks such as GDPR, CCPA, DORA, SEC Cyber Rules, EU AI Act and applicable AI laws, NIST, ISO and AI risk guidelines.
• Proven track record of building and operationalizing compliance programs and governance frameworks in a complex, matrixed environment.
• Excellent writing, communication and stakeholder engagement skills; skilled at translating regulatory and risk concepts into actionable guidance and requirements.
• Experience working in or with second line of defense functions; comfortable challenging and guiding business units and corporate groups.
• Experience in financial services, healthcare, technology or other highly regulated sectors.
• Experience managing geographically distributed teams.
• Navigate ambiguity, influence without authority and drive progress across competing priorities.

Nice To Haves

• Experience building compliance or risk functions
• Familiarity with GRC platforms
• Familiarity providing compliance or risk support for the implementation of privacy, AI or other governance platforms
• CIPP, CISM or similar certifications

Responsibilities

• Lead and manage a globally distributed team of compliance professionals and analysts, providing day-to-day oversight, coaching and professional development support in a distributed environment.
• Oversee the development and enhancement of compliance frameworks across Privacy, Cybersecurity, AI and Records, ensuring consistency with regulatory requirements and internal policies and risk appetite.
• Own and enhance information risk management programs, including data retention, disposition and e-discovery.
• Own the full compliance lifecycle, including: -Policies, standards and procedures -Governance charters and control mapping -Roles and responsibilities documentation (e.g., RACI matrices) -Training, awareness, and culture initiatives -Monitoring, testing and effectiveness reviews -Issues management, escalation and reporting
• Forge strategic partnerships with key internal stakeholders.
• Collaborate with risk owners and control functions to align on compliance requirements and validate control design and implementation.
• Identify and close gaps in existing compliance programs, building mechanisms to measure, demonstrate, and report on program effectiveness and maturity.
• Drive the creation and maintenance of central documentation and evidence repositories to support audits, assessments and regulatory examinations.
• Serve as a thought partner on emerging risks in AI governance, data use, and evolving cyber and privacy regulations.
• Monitor the dynamic regulatory environment and communicate obligations with key stakeholders.

Benefits

• comprehensive health benefits, including but not limited to medical, dental, vision, and FSA benefits
• paid time off
• life insurance
• 401(k) plan
• discretionary bonuses