SVP, Data Governance, Privacy & Risk

About The Position

Requirements

• Bachelor's or Master's degree in Information Management, Computer Science, Business Administration, or equivalent related work experience.
• 10+ years of experience in data governance, data management, privacy, or related roles.
• At least one relevant certification in data governance or privacy, such as CIPP, CIPM, CIPT, or CDMP.
• Proven experience in developing and implementing data classification frameworks in a large organization.
• Expert knowledge of global privacy laws, including GDPR, PIPEDA, and CCPA, and their application in a corporate setting.
• Strong leadership, communication, and stakeholder management skills, with the ability to influence and drive change in a complex organizational environment.
• Ability to work independently and manage relationships across functions and regions.

Nice To Haves

• Experience with One Trust tools.
• Experience in the advertising or media industry.
• Experience managing a global team.

Responsibilities

• Design, implement, and maintain the enterprise-wide data governance framework, policies, and standards.
• Establish and lead a data steward program, defining roles and responsibilities for data owners and custodians across the business.
• Implement processes and tools to monitor and improve data quality, accuracy, consistency, and reliability.
• Oversee the development and maintenance of a central data catalog and metadata repository to ensure data is discoverable and understandable.
• Implement and manage data lineage practices to track the origin, transformation, and usage of data across systems.
• Partner with internal business and technology leaders to ensure adoption of data governance policies and collaborate with external partners to align on data standards and practices.
• Partner with Business and Legal Affairs (BALA) team to ensure and demonstrate compliance with all applicable global data privacy regulations, including GDPR, CCPA/CPRA, and other emerging laws.
• Partner with product, technology, and business teams to embed privacy-by-design principles into all new products, platforms, and services.
• Lead and manage the process for conducting Data Protection Impact Assessments (DPIAs) for new and existing data processing activities.
• Oversee and manage the processes for handling data subject access requests (DSARs) and other individual rights.
• Lead the privacy response to data incidents and breaches, including investigation, regulatory notifications, and remediation efforts.
• Act as a key liaison between internal legal, product, and marketing teams on privacy-related matters, and engage with external regulators, clients, and partners on privacy inquiries.
• Perform ongoing risk assessments to identify, analyze, and evaluate data-related risks to the organization.
• Develop and implement risk mitigation strategies and business continuity plans to address identified threats.
• Prepare and present risk reports tailored to various audiences, from the Board of Directors to individual department heads.
• Establish and manage a vendor risk management program to assess and monitor the security and privacy risks of third-party vendors and partners.
• Build risk awareness across the company by providing training and support to all departments.
• Work closely with internal department heads to understand their risk exposure and collaborate with external auditors, insurers, and consultants on risk management initiatives.
• Track and analyze global regulatory developments and enforcement trends, advising leadership on potential impacts and necessary actions.
• Conduct policy and compliance audits to ensure adherence to internal policies and external regulations.
• Serve as the primary point of contact for and liaise with internal and external auditors for all compliance-related matters.
• Develop and oversee training programs to educate employees on their compliance obligations.
• Maintain comprehensive records of compliance activities, including audits, assessments, and regulatory communications.
• Coordinate with internal teams to implement and validate compliance controls and engage with external legal counsel and regulatory bodies as needed.

Benefits

• health insurance coverage
• life and disability insurance
• retirement savings plans
• company paid holidays
• unlimited paid time off (PTO)
• mental health and wellness resources
• pet insurance
• childcare resources
• identity theft insurance
• fertility assistance programs
• fitness reimbursement