Privacy Program Manager

We are looking for a Privacy Program Manager that thrives in a fast-paced and challenging environment. In this role, you will help build out Rubrik’s privacy transactional operations while ensuring compliance with various data protection laws. Furthermore, you will interface with departments including procurement, commercial legal and sales teams operating in the US and globally, and work with them to achieve important business objectives while staying compliant and meeting applicable regulatory requirements. 

What you'll be doing:

• In support of commercial Legal, review and negotiate customer facing data processing agreements, data transfer agreements and business associate agreements.

• Review of procurement contracts for commodities purchased by internal teams  and provide guidance on the appropriate implementation from a data privacy by design perspective. 

• Lead, coordinate and manage internal privacy reviews (including data mapping and recording processing activities), data privacy impact assessments and external assessments.

• Keep abreast of and advise on applicable laws, regulations and industry guidance that impact digital marketing, ad placement, cross contextual advertising and the use of cookies and other tracking technologies.

• Update and maintain privacy documentation such as privacy notices and policies to align with business activities and use practices.

• Collaborate with business owners to prioritize projects and solutions to reduce privacy risk and improve compliance.

• Ensure operating effectiveness of privacy policies and controls.

• Educate and train process owners about privacy and data protection.

Experience you'll need:

• Must have 7-10+ years of work experience in Data Privacy and/or, Commercial Legal with an emphasis on supporting Data Privacy activities or Global Risk Compliance Management.

• -Must have negotiated privacy agreements.

•  

  -Must have negotiated technology agreements in the procurement space.

•  

  -Must have done privacy reviews.

•  

  Experience with applicable data protection laws throughout the US, Europe and the United Kingdom and knowledge of guidelines published by the EDPB (Working Party29), the UK ICO and other governing bodies regarding direct marketing activities.

• Subject matter experience with privacy and data protection measures, including regulations such as GDPR, CCPA (as amended by the CPRA) and other data protection laws. 

• Knowledge of compliance methods, standards, processes, governance models, and industry standard compliance frameworks.

• Experience with IT, Software-as-a-Service or cloud service providers industry challenges.

• Excellent interpersonal, verbal, and written communication skills with the ability to communicate privacy concepts to a broad range of technical and non-technical staff.

• Equally comfortable working with other members of the team, as well as independently.

• Proficient user of OneTrust data mapping and assessment automation modules.

• CIPP-E, CIPM, CIPT, CISSP, or other related certifications.

• Juris Doctor (JD) preferred.