Director of Global Data Privacy

We are excited to add a Director of Global Data Privacy to our team. We have one open position and are welcoming candidates based in the United States or Europe. While Indianapolis, IN is the preferred U.S. location, there is consideration for remote work for non-Indiana residents and a fully remote arrangement for Europe-based candidates.

The Director of Global Data Privacy plays a critical enterprise role in enabling trust, compliance, and responsible data use at scale. This leader ensures the organization meets complex global regulatory obligations while strengthening confidence among customers, employees, and partners through consistent, defensible privacy practices. By proactively identifying and mitigating privacy risk, embedding privacy into AI, analytics, and digital initiatives, and driving operational excellence through automation and standardization, the role reduces enterprise risk and enables confident innovation. Serving as a strategic advisor to senior leadership, the Director of Global Data Privacy provides clear insights, metrics, and risk-based guidance to inform executive decision-making while fostering a strong, privacy-first culture grounded in data ethics and accountability.

In this role, you will make an impact in the following ways:

• Lead the implementation, governance, and continuous improvement of the global data privacy program.
• Drive end-to-end program delivery, including strategy execution, process design, tooling adoption, and performance management.
• Identify and implement opportunities for automation, efficiency, and operational scale across privacy processes.
• Establish KPIs, metrics, and program maturity measures to track effectiveness and drive continuous improvement.
• Interpret and operationalize global privacy regulations (e.g., GDPR, CCPA/CPRA and other applicable laws) through policies, governance frameworks, and operational controls.
• Lead privacy risk assessments, DPIAs, and control evaluations to proactively identify and mitigate enterprise risk.
• Support regulatory inquiries, audits, and internal compliance reviews with timely, accurate responses.
• Escalate material privacy risks and provide clear, actionable mitigation strategies to senior leadership.
• Oversee and continuously enhance core privacy operations, including:
• Data inventories, data mapping, and records of processing activities
• DSAR and data subject rights intake, fulfillment, and reporting
• Privacy incident identification, tracking, escalation, and remediation
• Third-party data protection agreements and contract governance
• Drive optimization and effective use of privacy platforms and tooling (e.g., OneTrust) to improve visibility, consistency, and execution.
• Act as a strategic advisor to senior stakeholders across IT, cybersecurity, legal, HR, and business leadership.
• Embed privacy-by-design and privacy-by-default principles into systems, products, and enterprise data initiatives.
• Provide guidance on complex and emerging data use cases, including AI, advanced analytics, and cross-border data transfers.
• Influence executive decision-making through pragmatic, risk-based guidance that balances compliance with business objectives.
• Provide regular reporting and insights to the Sr. Director on program performance, risk trends, and regulatory developments.
• Provide leadership and direction to regional or functional privacy leads within a global, matrixed organization.
• Lead the development and delivery of targeted privacy training and awareness programs aligned to role, risk, and geography.
• Promote a privacy-first, risk-aware culture that reinforces accountability, transparency, and ethical data use.

• Strategic, Courageous Communication: Communicates with clarity and intent, tailoring messages across multiple formats and channels to meet the needs of diverse audiences. Willingly addresses difficult or sensitive issues, speaking up with confidence and transparency to ensure alignment, trust, and effective decision-making.
• Vision & Global Mindset: Articulates a compelling vision and strategic direction that inspires others to act and align their efforts with organizational goals. Approaches problems and opportunities with a global perspective, considering cultural, regional, and enterprise-wide impacts to drive sustainable outcomes.
• Navigates Ambiguity & Complexity: Operates effectively amid uncertainty and change, remaining adaptable when the path forward is not fully defined. Synthesizes complex, high-volume, and sometimes conflicting information to identify priorities, make sound decisions, and solve problems efficiently.
• Organizational Influence & Change Leadership: Demonstrates strong organizational savvy by navigating complex policies, processes, and stakeholder dynamics with ease. Uses influence and structured change management methodologies to build commitment, drive adoption, and sustain business results through transitions.
• Compliance, Integrity & Inclusion: Leads and manages robust compliance and regulatory programs aligned with world-class standards, reducing risk and reinforcing ethical behavior. Identifies and mitigates compliance issues thoughtfully, values diverse perspectives, and promotes an inclusive culture grounded in integrity and respect.

• Bachelor's degree in law, information security, business, or a related discipline.
• 7+ years of progressive leadership experience in global data privacy, compliance, or risk management.
• Privacy certifications such as CIPP (US/E or other regions), CIPM, CIPT, or equivalent.
• Deep experience interpreting and operationalizing global privacy regulations, including GDPR and CCPA/CPRA, through scalable governance, policy, and control frameworks.
• Demonstrated experience owning, implementing, and scaling enterprise privacy programs across complex, matrixed organizations.
• Proven executive presence with the ability to influence senior leaders and drive alignment across legal, technology, and business functions.
• Experience leveraging privacy or GRC technology platforms (e.g., OneTrust) to enable operational scale and visibility.
• Exposure to AI governance, data governance, cybersecurity, or emerging technology risk.
• Demonstrated success operating in global, highly matrixed environments with accountability across regions and time zones.