Director, Privacy Operations and Governance; Hybrid - Seattle
Job in
Seattle, King County, Washington, 98127, USA
Listed on 2025-12-20
Listing for:
Nordstrom
Full Time
position Listed on 2025-12-20
Job specializations:
-
IT/Tech
Cybersecurity, Data Security, IT Consultant, Information Security
Job Description & How to Apply Below
Seattle, WAtime type:
Full time posted on:
Posted Todayjob requisition :
R-805499###
** Job Description
** As a Director of Privacy Operations and Governance within Nordstrom's Governance, Risk, and Compliance (GRC) team, you will lead the design, implementation, and execution of Nordstrom's Privacy and Governance programs. You will ensure compliance with U.S. privacy regulations, manage cybersecurity governance risks, and embed best practices across the enterprise to enhance Nordstrom's security posture and protect customer this role, you will act as the operational engine behind privacy and governance initiatives, partnering closely with Legal, HR, Marketing, Finance, and other business units.
You will work across departments and functional lines on a variety of programs that range in scope, risk, and complexity.
** A day in life...
*** Lead the design, implementation, and management of enterprise-wide privacy and governance operations
* Build and scale privacy operations processes including Privacy Impact Assessments (PIA), data subject rights workflows, and privacy-by-design reviews
* Develop governance frameworks defining roles, responsibilities, and accountability structures for data privacy risk
* Own lifecycle management of privacy and cybersecurity policies: creation, review, approval, and updates
* Ensure compliance with U.S. privacy laws (CCPA/CPRA, Colorado CPA, Virginia VCDPA, Connecticut, Utah, and emerging state laws)
* Establish a comprehensive governance model to measure and track the maturation of the overall cybersecurity program on a regular basis
* Create governance reporting mechanisms and executive dashboards for program maturity and risk posture
* Lead incident response for privacy breaches, including investigation, documentation, and regulatory reporting
* Define KPIs and KRIs for privacy and cybersecurity governance programs with regular leadership reporting
* Conduct maturity assessments and gap analyses to identify improvement opportunities
* Develop and deploy privacy and governance training programs with role-based curricula
* Oversee vendor privacy risk assessments and ensure appropriate contractual terms (DPAs, BAAs)
* Implement data classification schemes, ownership models, and lifecycle management processes
* Serve as operational privacy and governance expert across departments, partnering with Legal and Cybersecurity to ensure program alignment
* Develop and manage a roadmap informed by governance insights to prioritize initiatives and allocate resources effectively
* Build relationships with business leaders as a trusted advisor on privacy and governance matters
** You own this if you have...
*** Bachelor's degree; JD, MBA, or relevant advanced degree preferred or equivalent experience
* 10+ years in privacy, data protection, governance, compliance, or risk management, with 8+ years in leadership roles
* Experience building governance frameworks in complex, multi-functional organizations
* Strong knowledge of U.S. privacy regulatory landscape and practical operationalization experience
* Expertise in governance frameworks, policy management, and program execution
* Deep understanding of the retail business domain, including experience with online, phone order, and physical store sales channels
* Knowledge of how privacy and regulatory requirements can be met across a diverse set of technical environments—from legacy mainframe computers to containers in the cloud
* Strong bias for results and can operate with autonomy to address bottlenecks, provide escalation management, anticipate and make trade-offs, and encourage behavior to maximize business benefit
* Highly collaborative skillsets and can build and leverage relationships with internal and external stakeholders
* Proven ability to lead cross-functional teams and enterprise initiatives
* Excellent written and verbal communications, including presentation skills, and proven ability to effectively communicate with all levels of the organization, including executive leadership
*
* Preferr…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×