Responsibilities:

• Reporting to the Associate General Counsel (Product & Privacy), you will support and assist the AGC with (non-exhaustive list):
• Designing, building, and maintaining the company’s privacy program, e.g., compliance operations; strategic governance and documentation; training and awareness; policy, notice, forms, and process generation, maintenance, and enforcement; program monitoring and auditing; incident management; risk assessment; DSAR or subject requests; and more. 
• Driving strategic vision, guiding teams and stakeholders, and providing project management support and leadership, spanning privacy and data processing issues across the organization.
• Promoting and encouraging a culture of data privacy across the organization.
• Partnering closely with business and engineering teams to integrate privacy frameworks, particularly Privacy by Design and HIPAA.
• Facilitating generation and maintenance of data flow inventories, engaging with stakeholders to educate on and mitigate related risks.
• Developing commercial/go-to-market support playbooks, drafting and reviewing data processing and privacy terms in inbound and outbound commercial contracts, responding to RFPs, supporting vendor onboarding, and reviewing data agreements for compliance.
• Staying informed of developments in global privacy and data protection laws, regulations and other government policy initiatives that could impact the business; identify and assess risk and compliance requirements, including implementing controls and ongoing compliance monitoring. 

Qualifications:

• 4+ years of professional experience in data protection, privacy, cybersecurity, regulatory compliance, legal or a related field desired.
• Working knowledge of U.S. privacy and data protection laws, particularly HIPAA and CCPA / CPRA.
• Strong oral and written communication skills, including the ability to communicate across cross-functional teams and help build consensus among stakeholders.
• Demonstrable program management skills with the ability to manage multiple projects simultaneously, help drive cross-functional alignment, and bring projects to successful completion.
• Experience designing, implementing, and maintaining a data privacy program, and related proficiency developing policies, processes, standards, training, and more.
• Experience reviewing and editing contracts, and ability to synthesize regulations and guidance and translate into practical operations.
• Experience in technology and health care services, highly desirable.
• CIPP/US and/or CIPM preferred.
• Bachelors or equivalent required; legal degree a plus.