Privacy Legal Specialist

Foods you love. Brands you trust. And a career that empowers you to grow.

At Nestlé USA, we’re all working towards the same goal – to delight and deliver for our consumers. With a rich portfolio of beloved brands, including DiGiorno, Toll House, and Coffee mate, in 97% of U.S. households, we have a unique opportunity – and responsibility – to be there for every moment in our consumers’ lives.

Joining Nestlé means becoming part of an inclusive workplace that inspires innovation, encourages strategic thinking and creativity, and celebrates your achievements. No matter where you work within the organization, you are empowered to the status quo, embrace risk-taking, and pioneer new ideas. Our supportive and collaborative environment encourages bold ambitions and continuous learning so that everyone can grow and thrive.

Shiny note:
This position is not eligible for Visa Sponsorship.

Nestlé USA (NUSA) is looking for an enthusiastic data privacy specialist to assist the company in privacy, data retention, and data security incident response. Serving as the Data Privacy Champion for NUSA, this candidate will be responsible for understanding the main data flows between Nestlé entities and our third party vendors, enhancing and maintaining the One Trust data map, raising awareness of data privacy requirements within the organization, providing or organizing data protection training for Nestlé employees and contracted staff, handling any privacy queries, requests or complaints, and other responsibilities as needed to support the legal and compliance function.

• Act as privacy advocate across the organization, providing training and guidance to teams and individuals as needed to promote awareness and compliance.
• Support business initiatives that involve the processing of personal data, ensuring alignment with applicable privacy laws and internal policies.
• Coordinate updates to privacy policies and terms of use in collaboration with legal and business stakeholders.
• Create and improve privacy‑related standard operating procedures (SOPs) to ensure consistency and clarity across business processes.
• Help implement new technical changes to privacy program as required by changing U.S. laws and regulations.
• Assist in preparations for updates to senior management on data protection issues and risks, and/or progress on data protection initiatives.
• Collaborate with other business areas within the relevant Nestlé entities to ensure they are aware of any risks or initiatives.
• Stay informed of industry trends, best practices, and new innovative solutions as it relates to data privacy and governance.
• Provide support to wider compliance team with compliance administrative items as needed.

• Monitor and update processes to handle data subject requests, such as access requests, deletion requests, do‑not‑sell requests, and other data rights requests as required by privacy laws.
• Respond to personal data inquiries and complaints from employees or retail customers in a timely manner.
• Manage the process of informing third‑party vendors and service providers of consumer data rights requests.

• Assist business functions with undertaking privacy impact assessments regarding all new system, digital assets, or projects involving the processing of personal data.
• Support the business in managing the mitigation of identified risks and ensure remediation activities are prioritized in accordance with the impact analysis.
• Ensure that appropriate measures are taken to mitigate any risk identified as part of an audit.

• Support cross‑functional data security incident response team.
• Initiate incident response meetings as necessary, track key details, and follow up with larger group regarding action items.

• Service and team orientation, flexibility, collaborative, ability to work in a diverse environment, and good communication and interpersonal skills.
• Passion for working with technology, IT systems, and data collection and governance practices.
• Interpersonal skills to…