Director of Privacy

Job Description

Director Privacy - Costar Group

OVERVIEW

The Director Privacy will provide CoStar with operational expertise related to data privacy and protection and work closely with CoStar legal stakeholders to lead the global privacy program. This is a hands-on role that offers the opportunity to contribute meaningfully to a growing global privacy program while being supported by senior leadership. The successful candidate will assist in the day-to-day execution of core privacy operations and compliance initiatives to help mitigate risk protect data assets and information and drive privacy compliance across the organization. This individual will be responsible for developing program functions such as data subject rights privacy reviews cookie compliance and third-party risk management while coordinating with cross-functional partners and vendors to ensure implementation. The Director Privacy will bring strong working knowledge of U.S. privacy laws GDPR and emerging laws ensuring CoStar is compliant with all applicable international federal and state privacy and data protection laws and regulations. This individual will be responsible for ensuring customer and employee data is being collected shared and used in appropriate ways as well as playing a role in safeguarding company proprietary data.

The Director Privacy will perform key risk management activities and is responsible for providing sound compliance advice to all aspects of the business as a subject matter expert. This individual will be expected to be an effective partner across the organization to create solutions that align with the companys business goals without compromising data protection and information security standards. The Director Privacy will be part of the Legal Department and will work within the broader enterprise compliance and risk management team. This individual will support governance across CoStars global brands and products. The role is ideal for someone who is a proactive self-starter and strategic and practical thinker who has a thirst for knowledge and continued growth all while working as part of a great legal team.

RESPONSIBILITIES

• Support all aspects of CoStars global privacy compliance and risk management program including developing strategy monitoring the regulatory landscape maintaining relevant policies notices and disclosures and overseeing privacy operations risk and controls monitoring and privacy training and awareness.
• Play a key role in CoStars cross functional data protection forum that meets regularly to review privacy and data protection priorities and drive awareness and accountability across the organization.
• Manage the day-to-day functioning of CoStars global privacy program compliance platform (OneTrust) to support core programs including data subject access rights (DSAR) privacy by design (PIAs DPIAs LIAs and TIAs) and records of processing activity (ROPA) management.
• Analyze business initiatives products and processes to ensure they comply with applicable laws and regulations; practice sound judgement to effectively assess and balance risk in the provision of compliance advice to the business.
• Create organizational awareness by partnering with the companys internal training organization to develop and roll out on-going training across CoStar Group related to data privacy and CoStars expectations and standards including identification processing and handling of sensitive data.
• Work closely with the technology accounting and business risk management teams to identify assess advise on and mitigate privacy risks as well as implement controls and processes.
• Develop enhance and implement privacy and data protection policies procedures guidelines and related training.
• Provide the primary point of contact for business partner privacy compliance related inquiries and collaborate across teams to ensure the global privacy support operations processes are fulfilled and operating smoothly.
• Perform privacy program reporting upon request creating reports to inform senior leadership internal and external stakeholders and risk owners.
• Maintain expert knowledge of applicable privacy and data protection law and regulations keeping up and advising the business on current developments.

BASIC QUALIFICATIONS

• 5 years of experience in a comparable role at an international firm with a focus on privacy data protection technology or regulatory compliance.
• Working knowledge of key global privacy frameworks and emerging laws including GDPR UK DPA EU AI Act and U.S. federal and state privacy laws (e.g. CCPA/CPRA) and ability to analyze these complex laws and regulations and translate them into practical guidance for cross-functional teams.
• Familiarity with privacy compliance tools and workflows such as DSAR response processes privacy impact assessments (PIAs) and records of processing activities (ROPAs); experience with platforms like OneTrust preferred.
• Project management experience or certification a plus.
• Global privacy or compliance program management experience a plus.
• Strong interpersonal skills and experience in working cross-functionally with a variety of teams with lawyers and non-lawyers including software engineering teams sales teams and product teams.
• Detail oriented well organized and technically-adept.
• High degree of professional ethics and integrity.
• Strong computer skills MS Office(Excel Word PowerPoint).

PREFERRED QUALIFICATIONS AND SKILLS

• One or more of the following certifications Certified Information Privacy Manager (CIPM) Certified Information Privacy Professional (CIPP) Certified Risk Professional (CRP) Certified Regulatory Compliance Manager (CRCM) Program Management Professional (PMP) or AI Governance Professional (AIGP).
• Excellent judgement analytical and communication skills.
• Passion and expertise in data privacy with a proactive practical solutions driven approach to risk mitigation.
• Expertise and knowledge of digital and/or e-commerce marketplaces or online information businesses.
• Experience with international growth and implementing local jurisdiction-based compliance programs.
• Ability to manage multiple projects while maintaining and driving strong results.
• J.D. and admission to practice law in at least one U.S. jurisdiction (or UK qualification) a plus.

Whats in it for you

When you join CoStar Group you will experience a collaborative and innovative culture working alongside the best and brightest to empower our people and customers to succeed.We offer generous compensation and performance-based incentives. CoStar Group also invests in your professional and academic growth with training and tuition reimbursement.

Other highlights of our benefits package include:

• Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug.

• Life legal and supplementary insurance.

• Virtual and in person mental health counseling services for individuals and family.

• Commuter and parking benefits.

• 401(K) retirement plan with matching contributions.

• Employee stock purchase plan.

• 11 holidays and 3 weeks of vacation per year.

• On-site fitness center.

• Access to CoStar Groups Diversity Equity & Inclusion Employee Resource Groups.

• Snacks and caffeine.

We welcome all qualified candidates who are currently eligible to work full-time in the United States to please note that CoStar Group is not able to provide visa sponsorship for this position.

CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing

CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing