Senior Data Privacy Manager

Job Title: Sr. Data Privacy Manager

Location: Corporate

Department: Information Security

Reports To: Head of Information Security

Supervisory Responsibility: None

The Senior Data Privacy Manager is responsible for leading the daily operations of the data privacy program across the organization’s North American entities. The role ensures compliance monitoring, data subject request management, and accurate record keeping. This position implements data protection strategies and internal controls to mitigate risks of data misuse while ensuring adherence to internal policies and privacy regulations.

The manager will deliver privacy training, maintain privacy documentation, and conduct audits to identify areas for improvement. This individual will also support Data Protection Impact Assessments (DPIAs) in collaboration with Legal, and participate in IT projects, architectural reviews, and contract assessments involving personal data.

Additional responsibilities include ensuring vendors meet contractual data privacy requirements and coordinating with departments such as IT, Information Security, Legal, HR, and Customer Care to address privacy-related issues, regulatory inquiries, and consumer complaints.

• 1st: Operational Oversight – Manage daily privacy functions, ensuring compliance and appropriate handling of data subject requests (e.g., access, deletion, modifications).
• 2nd: Policy Implementation – Apply data protection strategies, enforce privacy policies, and establish internal controls to safeguard personal information.
• 3rd: Training & Documentation – Develop training materials, deliver staff education, and maintain processing activity records and supporting documentation.
• 4th: Audits & Assessments – Conduct internal audits to identify compliance gaps and assist with DPIAs for new projects. Evaluate system designs related to the lifecycle of personally identifiable information (PII).
• 5th: Vendor Oversight – Review contracts to ensure privacy terms are in place, oversee third‑party compliance, and manage agreements involving PII processing.
• 6th: Program Support – Work with cross‑functional teams to implement technical and organizational privacy controls. Support regulatory responses and develop procedures for handling PII‑related customer concerns.

• Bachelor’s degree in law, computer science, IT/security, business administration, or a related field (advanced degree preferred).
• Preferred certifications: CIPP/E, CIPM, CISSP, CISM, CRISC, or similar.
• 8+ years of experience in privacy, compliance, or data protection roles.
• Proven ability to implement enterprise‑wide privacy initiatives.
• Strong understanding of U.S. privacy laws (e.g., CCPA, CPRA, HIPAA) and international frameworks (e.g., GDPR, ISO 27701).
• Familiarity with Canadian and Mexican privacy regulations is a plus.

• Excellent organizational and project management capabilities.
• Strong interpretation and application of privacy laws in a corporate context.
• Effective written and verbal communication skills.
• Ability to work across departments to drive privacy and compliance objectives.