Data Protection Officer

We are seeking an experienced and results-driven Data Protection Officer (DPO) to lead and operate our enterprise privacy and data protection program. This is a senior individual contributor role for a hands-on leader who can translate complex regulatory requirements into practical, scalable controlsprotecting people and data while enabling the business to move quickly and responsibly.

As the company's trusted authority on privacy, data governance, and ethical data use, you will partner closely with Legal, Information Security, Product, Engineering, Data, People, and Go-To-Market teams to embed privacy-by-design across systems, data flows, and business processes. While advanced tooling and automation support program execution, you will remain accountable for ensuring these systems are effectively designed, implemented, and continuously improved.

This role operates with a high degree of autonomy and discretion. You will be trusted with highly sensitive information and expected to exercise sound judgment when balancing regulatory risk, contractual obligations, and business priorities. Success requires strong ownership, execution rigor, and the ability to influence outcomes without formal authorityestablishing guardrails that reduce risk without slowing the business.

This position is critical to strengthening the organization's compliance posture, increasing visibility into data risk, and supporting responsible innovation as the company continues to scale.

• Build and execute a measurable enterprise privacy and data protection program
• Identify and prioritize high-impact data risks across the business
• Deliver timely outcomes across DPIAs, DSARs, incident response, and compliance obligations

• Act as the authoritative owner for privacy and data protection initiatives
• Lead enterprise data governance practices including data mapping, classification, retention, and lifecycle management
• Serve as the primary point of contact for regulators, data subjects, and internal stakeholders

• Design scalable, auditable privacy-by-design controls across products and operations
• Standardize workflows for RoPA, DPIAs, vendor privacy reviews, and incident response
• Define metrics and reporting to provide leadership with clear visibility into data risk and program maturity

• Leverage GRC platforms, data governance tools, and collaboration systems to modernize privacy operations
• Apply automation and GenAI to data discovery, classification, policy enforcement, and risk analysis
• Continuously evaluate emerging technologies and best practices to strengthen data protection capabilities

• 10-17 years of experience in privacy, data protection, governance, GRC, or security engineering
• Qualification (BE/B Tech / Masters in CS)
• Proven ownership of enterprise-scale privacy or data protection programs
• Strong working knowledge of GDPR, CCPA/CPRA, and U.S. state privacy laws
• Familiarity with PCI DSS, SOC 2, and the NIST Privacy Framework
• Hands-on experience with Drata, Microsoft Purview, DLP platforms, or enterprise data governance tools
• Demonstrated ability to design production-ready controls that balance risk reduction with business enablement
• High integrity and sound judgment when handling sensitive and confidential information