SVP, Data Governance, Privacy & Risk

Job Description SVP, Data Governance, Privacy & Risk Who We Are Horizon Media, founded in 1989, is a marketing and advertising firm headquartered in New York City with offices in Los Angeles and Toronto. Where You’ll Be This role is based out of our New York City headquarters and offers a hybrid work model with a mix of in‑office and remote work. What You’ll Do The SVP of Data Governance, Privacy & Risk will be a senior executive leader responsible for establishing and overseeing the global privacy, data protection, and data governance strategy. This role reports to the Chief Information Security Officer (CISO) and will manage the Compliance, Risk, Data Privacy, and Data Governance departments for the enterprise. Duties and Responsibilities by Department Data Governance Department Framework and Policy Development: Design, implement, and maintain the enterprise‑wide data governance framework, policies, and standards. Data Stewardship: Establish and lead a data steward program, defining roles and responsibilities for data owners and custodians. Data Quality: Implement processes and tools to monitor and improve data quality, accuracy, consistency, and reliability. Metadata and Cataloging: Oversee the development and maintenance of a central data catalog and metadata repository. Data Lineage: Implement and manage data lineage practices to track the origin, transformation, and usage of data across systems. Stakeholder Collaboration: Partner with internal business and technology leaders to ensure adoption of data governance policies and collaborate with external partners to align on data standards and practices. Data Privacy Department Global Privacy Compliance: Partner with Business and Legal Affairs to ensure compliance with GDPR, CCPA/CPRA, and other global privacy regulations. Privacy by Design: Embed privacy‑by‑design principles into new products, platforms, and services. Data Protection Impact Assessments (DPIAs): Lead and manage DPIAs for new and existing data processing activities. Data Subject Rights: Oversee and manage processes for handling data subject access requests (DSARs) and other individual rights. Incident Response: Lead the privacy response to data incidents and breaches, including investigation, regulatory notifications, and remediation. Stakeholder Engagement: Liaise with internal legal, product, and marketing teams and engage with external regulators, clients, and partners on privacy inquiries. Risk Management Department Risk Assessment: Perform ongoing risk assessments to identify, analyze, and evaluate data‑related risks. Risk Mitigation: Develop and implement risk mitigation strategies and business continuity plans. Risk Reporting: Prepare and present risk reports to the Board of Directors, department heads, and other stakeholders. Third‑Party Risk Management: Establish and manage vendor risk management program for third‑party vendors and partners. Risk Culture: Build risk awareness across the company through training and support. Stakeholder Alignment: Work closely with internal department heads to understand risk exposure and collaborate with external auditors, insurers, and consultants. Compliance Department Regulatory Monitoring: Track and analyze global regulatory developments and enforcement trends. Policy Enforcement: Conduct policy and compliance audits to ensure adherence to internal policies and external regulations. Audit Liaison: Serve as the primary point of contact for internal and external auditors. Compliance Training: Develop and oversee training programs to educate employees on compliance obligations. Records Management: Maintain records of compliance activities, audits, assessments, and regulatory communications. Stakeholder Coordination: Coordinate with internal teams to implement and validate compliance controls and engage with external legal counsel and regulatory bodies. Who You Are & What You’ve Done Required Skills & Experience Bachelor's or Master's degree in Information Management, Computer Science, Business Administration, or equivalent experience. 10+ years of experience in data governance, data management, privacy, or related roles. At least one relevant certification such as CIPP, CIPM, CIPT, or CDMP. Proven experience developing and implementing data classification frameworks in a large organization. Expert knowledge of global privacy laws including GDPR, PIPEDA, and CCPA. Strong leadership, communication, and stakeholder management skills. Ability to work independently and manage relationships across functions and regions. Preferred (Nice to Have) Skills & Experience Experience with One Trust tools. Experience in the advertising or media industry. Experience managing a global team. Equal Employment Opportunity Horizon Media is proud to be an equal opportunity workplace and is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. Salary Range $200,000.00 – $350,000.00 (actual base salary may vary based on factors such as skill sets, experience, training, education, licensure/certifications, and qualifications for the role). Benefits Discretionary bonus. Health insurance coverage. Life and disability insurance. Retirement savings plans. Company paid holidays and unlimited paid time off (PTO). Mental health and wellness resources. Pet insurance. Childcare resources. Identity theft insurance. Fertility assistance programs. Fitness reimbursement. #J-18808-Ljbffr