[Hiring] Director, Privacy Compliance @Openly

Role Description

The Privacy Program Director is responsible for the oversight of the company’s privacy compliance program in alignment with applicable federal and state privacy laws, insurance regulations, and industry best practices. This role ensures that the company protects personal information entrusted by policyholders, employees, agents, and business partners, and that privacy risks are effectively managed throughout the organization’s operations.

This is a critical, high-impact leadership position focused on refining and maturing our enterprise-wide Data Privacy framework. The Privacy Director will drive cross-functional collaboration to continuously enhance policies and controls, mitigate regulatory and reputational risk, and embed a culture of responsible innovation throughout the company.

Key Responsibilities

• Oversee the privacy program and compliance framework, including policies, standards, and controls for applicable privacy laws.
• Provide advice and support on privacy-related implications, data-handling practices, and solution design.
• Oversee privacy impact assessments (PIAs) and risk assessments for new products, systems, and vendors.
• Review, draft, and maintain privacy notices, policies, procedures, and consents.
• Oversee privacy training, promote privacy awareness culture, and serve as the privacy subject matter expert for leadership.
• Monitor statutes, regulations, case law, and other resources for changes and recommend program updates to ensure ongoing compliance with a focus on compliance with U.S. regulatory frameworks.
• Provide guidance in support of cybersecurity incident investigation and response.
• Oversee consumer rights request processes (access, correction, deletion, opt-out) and ensure timely, compliant handling.
• Review and provide advice relative to data privacy terms in vendor contracts and business associate agreements.
• Independently manage multiple privacy initiatives under tight timelines with changing priorities and limited resources.
• Perform all other tasks and activities assigned from time to time.

Qualifications

• Bachelor’s degree in Law, Business, Information Management, or related field; JD or Master’s preferred.
• 7+ years of experience in privacy, data protection, compliance, or related regulatory roles, including at least 4 years working directly on privacy/data protection initiatives, preferably in the insurance services sector.
• Experience implementing or managing privacy programs under frameworks such as CCPA/CPRA, GLBA, or ISO/IEC 27701.
• In-depth understanding of U.S. privacy and data protection laws and regulations and impact in the insurance or financial services industry.
• Understanding of technologies used to protect sensitive data and monitor compliance.
• Proficiency in privacy program governance, risk assessments, and third-party oversight tools.
• Excellent organization and project management skills, with the ability to influence and collaborate effectively with people at all levels of the company.
• Attention to detail and documentation discipline.
• Strategic thinking with hands-on execution capability.
• Extremely comfortable operating with ambiguity and addressing complex business questions.
• Strong communication skills, both written and oral.
• Strong analytical and research skills.

Preferred

• CDPSE, CIPP/US, CISA, CIPM, or CISM certification.

Requirements

• Budgeted Salary Range: $155,200 — $180,000 USD.
• Full Salary Range: $145,500 — $242,500 USD.

Benefits

• Remote-First Culture - We supported #remotelife long before it was a given. We'll keep promoting it.
• Competitive Salary & Equity.
• Comprehensive Medical, Dental, and Vision Plan Offerings.
• Life and disability coverage including voluntary options.
• Parental Leave - up to 8 weeks (320 hours) of paid parental leave based on meeting eligibility requirements.
• 401K Company Contribution - Openly contributes 3% of the employee's gross income, even if the employee does not contribute.
• Work-from-home stipend - We provide a $1,500 allowance to spend on setting up your home workplace.
• Annual Professional Development Fund: Each employee has $2,000 in professional development (PD) funds to spend on activities or resources annually.
• Be Well Program - Employees receive $50 per month to use towards your overall well-being.
• Paid Volunteer Service Hours.
• Referral Program and Reward.
• Depending on position, Employees generally are eligible for cash incentive compensation, including commissions for sales eligible roles.