Data Protection and Privacy Officer
Legal – Legal
Etsy is seeking an experienced data protection, privacy & compliance professional to fill the role of Data Protection, Privacy & Compliance Officer. You will help build and oversee a data protection and privacy compliance program to ensure that Etsy handles personal data safely and responsibly and complies with all applicable data protection and privacy laws, including the EU General Data Protection Regulation (“GDPR”), oversight of international compliance regulations, and assisting teams with data security issues. You will work collaboratively across multiple teams to build and enhance an appropriate compliance framework for developing and deploying products, infrastructure and policies that adhere to best-in-class privacy practices. You will also act as the primary point of contact for Etsy and its employees, regulators, and the public for issues relating to our data protection, privacy and compliance program.
About the Role:
- Experience managing and mitigating privacy, data protection and compliance risk. Key skills include the ability to communicate and translate privacy and compliance issues across a diverse set of teams.
- Data & Privacy Compliance: In depth knowledge of GDPR as well as US and other national data protection laws, including conducting regular internal compliance audits, leading training, and maintaining accurate and up-to-date records demonstrating such compliance, and performing all other necessary duties in accordance with Article 39 of the GDPR. The successful candidate will be a “doer”, and know how to map data flows, conduct risk assessments and testing, product development reviews, vendor assessments and monitoring, communicate with regulators, and lead training.
- General Compliance: Provide supervisory oversight to our existing Global Compliance program.
- Data Security: Coordinate with information and network security, as well as teams throughout Etsy on data security obligations. Experience managing breach incidents.
- Product & Engineering: Experience advising on data protection, privacy and compliance requirements in a company that develops tech products, uses digital marketing,etc. Comfortable communicating in an informed manner and with credibility to advise and influence product developers and engineers.
- 10+ years of relevant work experience with global data protection and privacy issues in a multi-jurisdictional environment (including direct engagement with EU regulators on privacy and data protection issues). A law degree is a plus, but not required.
- A privacy professional certification.
- Detailed understanding of GDPR compliance issues
- Familiarity with information systems compliance standards and information security frameworks and certifications.
- Tech savvy. You don’t need to be an engineer, but ideally you have knowledge of major security technologies, development and analytics tools, and cloud infrastructure platforms.
- Project management skills, including experience building and enhancing global compliance programs
- Experience with developing and enhancing global compliance programs and rolling out employee training and educational programmes
- Experience working collaboratively with Compliance,Legal and Product Management teams on a global basis
- Excellent judgment. Demonstrated ability to find practical, appropriate solutions to compliance issues.
- A high degree of integrity and credibility - you know how to use your experience, skill and smarts to influence and manage complex projects.
- You also work well autonomously - you need to be able to roll up your sleeves and do the work yourself.
- Effective communication skills - verbally and in writing (this means you can speak and write in plain English, not only legalese) and can tailor your communication to suit a wide-range of audiences (board of directors, Engineering teams, product managers, legal teams, etc.)
- The ability to travel internationally 10-20%.
Interested in working with us? Send us a cover letter and your resume explaining why you’d be great for the job. We value your unique talents and point of view, so feel free to tell us what you are all about. If you have an online presence (blog, Twitter, Facebook), send it along. And if you write, draw, craft, or contribute to something you’re proud of, we’d love to hear about it.
At Etsy, we believe that a diverse, equitable and inclusive workplace makes us a more relevant, more competitive, and more resilient company. We welcome people from all backgrounds, ethnicities, cultures, and experiences. Etsy is an equal opportunity employer, we do not discriminate on the basis of color, ancestry, religion, gender identity, national origin, sexual orientation, age, citizenship, marital or family status, disability, gender identity or expression, veteran status, actual or presumed belonging to an ethnic group, or any other legally protected status.