VP, Privacy
Listed on 2026-07-11
-
IT/Tech
Information Security, Data Security, Cybersecurity
Job Summary
The Vice President, Privacy develops and implements policies, governance structures, and operational processes resulting in the responsible collection, use, storage, and protection of personal data. The Vice President, Privacy reports into the Legal Department, while partnering with Compliance, Technology, the People Team, Marketing, and executive leadership to embed privacy into business strategy and operations.
This position will be a strategic contributor to company direction and growth. The position will be adept in stakeholder management and an articulate internal and external communicator. They will have the ability to explain complex issues concisely and answer questions with appropriate detail and understanding.
This role requires strong communication, leadership, and executive presence when representing the firm with executives, employees, and other key parties. The position will work hand in hand with the General Counsel to push for broader, deeper strategic thinking and must be able to deliver compelling ideas in a room with some of the industry’s most experienced and innovative executives.
Essential Job Functions- Privacy Strategy & Governance:
Define and execute a comprehensive privacy strategy aligned with business goals, regulatory requirements, and industry best practices. - Regulatory Compliance:
Responsible for compliance with global privacy laws (e.g., SEC Regulation S‑P, GLBA, CCPA/CPRA, GDPR, PIPEDA, state‑level privacy laws), including AI tools, models, and workflows. Monitor regulatory changes and lead organizational readiness. - Policy Development:
Create, maintain, and enforce privacy policies, standards, and data‑handling procedures across the enterprise, and develop and report on compliance metrics. - Risk Management:
Lead privacy risk assessments, DPIAs, vendor risk reviews, and audits. Identify gaps and drive remediation. - AI Policies and controls:
Develop and implement AI‑specific data‑handling policies and controls, including rules for input restrictions, redaction, anonymization, retention, and secure storage of AI‑generated or AI‑processed data, as well as controls for access management, monitoring, and employee training on safe and compliant AI usage. - Data Protection Operations:
Oversee processes for data subject rights, consent management, data retention and deletion, breach response, privacy‑by‑design, and use of data in AI. - Incident Response Leadership:
Assist in managing response to privacy incidents, coordinating with security and communications teams. - Cross‑Functional
Collaboration:
Partner with Compliance, Technology, the People Team, and Marketing to embed privacy into systems, products, and workflows.
- 10+ years of experience in privacy, data protection, compliance, cybersecurity, or related fields.
- Deep knowledge of global privacy regulations and frameworks (GDPR, CCPA/CPRA, NIST Privacy Framework, ISO 27701).
- Proven leadership experience building or scaling privacy programs.
- Strong understanding of data governance, information security, and risk management.
- Exceptional communication skills with the ability to influence at all levels.
- J.D. from an accredited law school is highly preferred.
- Certifications such as CIPP/E, CIPP/US, CIPM, CIPT, or equivalent are highly preferred.
- Strategic thinker with the ability to balance risk, compliance, and business needs.
- Experience working in highly regulated industries (healthcare, finance, technology, government).
- Ability to translate complex legal and technical concepts into clear business guidance.
- Strong crisis management and incident response capabilities.
- Demonstrated success leading cross‑functional teams.
This professional role requires availability during standard business hours of Monday through Friday from 8AM to 5PM. At times, the role may have early or late hours to meet business tasks and deadlines for external and internal client needs.
All roles classified as a non‑exempt are required to record working time into the timekeeping system daily at the start and end of each workday plus a 30‑minute unpaid lunch period.
Working ConditionsThis position…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).