Incident Response, Program Manager

This role will be responsible for execution and program management of Incident Response functions within the Risk Oversight pillar of Meta's Regulatory Compliance Program Organization. This role is responsible for managing the full lifecycle of product risk incidents-from initial identification through closure in addition to supporting implementation of enhancements to our incident response processes across all risk pillars. The scope of the team is to ensures that there is oversight and accountability for privacy incident outcomes across all Risk Pillars (e.g. privacy, security, integrity, and AI risks). You will thrive in an ambiguous, cross-functional environment where they can understand different perspectives, drive progress to manage incidents to closure and support analysis to ensure appropriate remediation steps are taken. You will support reporting and informed decision-making across Product and Risk Organization leadership teams.

Incident Response, Program Manager Responsibilities:

• Plan and drive cross-functional incident management projects involving Legal, Policy, Communications, Product, and Engineering teams for complex risk incidents across all risk pillars (e.g. privacy, security, integrity, and AI)
• Implement and execute ongoing management of compliance operations for incident management across privacy and other risk pillars. Ensure processes and controls meet regulatory obligations and internal standards
• Build and maintain relationships with stakeholders across Legal, Product, and Engineering to drive alignment and prioritization of incident management and compliance activities for assigned cases
• Translate technical and compliance details into clear, actionable communications for wide-ranging audiences from executives to engineers. Deliver concise updates and recommendations on incident status, compliance posture, and impact to stakeholders and Risk Organization leadership
• Perform retrospectives to understand the root cause of incidents and support feedback loops to reduce future incidents and improve incident management processes
• Advise on industry standards related to incident response and risk oversight practices
• Identify, champion, and implement process improvements to increase the efficiency and effectiveness of incident management and compliance operations
• Project manage and prioritize work based on urgency and complexity while building operational cadences across technical and operational teams to coordinate work

• 5+ years of experience in program management, consulting, business operations, technical program management, incident management, risk management, compliance management, or other GRC operational discipline
• 3+ years of experience leading large, technical, cross-functional projects and/or programs
• 3+ years of direct experience working in corporate privacy incident response or security/privacy compliance functions (e.g., GDPR, CCPA, SOC2)
• 1+ years work experience collaborating directly with technology product management and engineering teams
• Set priorities, multi-task and work with autonomy in a rapidly changing workplace environment
• Bachelor's degree or higher

• 6+ years of work experience in risk and compliance, legal, consulting, business operations or other operational disciplines
• 4+ years of work experience in technical program and/or project management in collaboration with product management and engineering teams
• 3+ years of experience working in GRC, regulatory domains like privacy, integrity or security
• 3+ years of experience working in a role associated with data protection, regulatory response, audit and implementation of control frameworks
• 1+ years experience using Artificial Intelligence (AI) tools to deliver incident response, GRC or regulatory oriented processes
• Bachelor's Degree in a related field or equivalent experience