Data Privacy Officer / Internal Control & Compliance Manager

In this role within the Alliance Data Privacy group, you will be the primary point of contact for both data subjects (e.g. customers) and the regulatory authorities. You will represent BrandLoyalty as the Privacy subject matter expert on the Incident Response team to consult on responding and managing any privacy-impacting incidents/breaches.

BrandLoyalty is part of Alliance Data Systems, the global leaders and engines behind marketing and loyalty programs for over 1,000 consumer-facing companies across all industries.

Your core responsibilities

  • Identify, evaluate, and maintain records of the company’s data processing activities;
  • Advise Data Controllers and Processors regarding data protection and privacy management requirements and policies (e.g. DPIA process & objectives, safeguard measures to mitigate the risks – technical, organizational & formal –, record of processing operations management);
  • Manage and conduct ongoing reviews of the Company’s adherence to the privacy governance framework to manage data use in compliance with company policies and privacy regulations, including developing templates for data collection, assisting with data mapping, data transfers, and vendor management reviews;
  • Partner key internal stakeholders in the review of projects and related data to ensure privacy-by-design principles are implemented as well as compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments;
  • Liaise with other organizations that process data on our behalf;
  • Review vendor contracts (including Model Clauses) and consents needed to implement projects in partnership with the firm’s Procurement and Information Security functions, and ensuring filing requirements with local regulators are achieved;
  • Foster a data privacy and data protection culture by developing and maintaining employee awareness of data privacy and security issues and providing continuous training on the subject matter (general and role-based training);
  • Review and validate controls implemented by the business to inform, advise and issue recommendations to the business with regards to data protection, privacy and compliance, including with data protection laws (e.g. GDPR, HIPAA, CCPA, LGPD, etc.) and internal policies and guidelines;
  • Author and update detailed guides on data protection policies including setting standards and reviewing policies and procedures globally that meet the privacy requirements in countries of operation;
  • Collaborate with Global Information Security to on incident response plans to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications, and responding to subject access requests (SARs) within legal timeframes. 


What qualities do you bring?

  • 8+ years of experience in data protection and legal compliance in an international company;
  • Previous experience and expertise in national and transnational data privacy laws (e.g., GDPR, HIPAA, CCPA, GLBA, PIPEDA), regulations and practices;
  • Understanding of data processing operations, including business applications and data use;
  • Understanding of information security frameworks (e.g., ISO27001, NIST CSF);
  • Experience reviewing contracts and agreements from a privacy and data protection standpoint;
  • Excellent English language skills, verbal and written are needed to interact effectively with peers and management;
  • Experience in responding to potential privacy incidents, to mitigate risk, determine reporting requirements, and developing corrective action plans when needed;
  • Demonstrated leadership and problem-solving skills, and ability to work under pressure;
  • Privacy, data protection and information security certifications.

What do we offer?

Are you up for the challenge? BrandLoyalty wants you to have fun in your work, contribute to our growth and share the successes with your team/company. This is just a short list of what BrandLoyalty can offer you:

  • Happy people: happy colleagues, happy consumers, happy clients!
  • Personal & professional development opportunities within a multinational growth business.
  • Work a team with 50+ nationalities in over 55 countries around the world.
  • Part of a Fortune 500 company... with a young & agile attitude.
  • Exceptional terms of employment – compensation, on-site gym with personal trainers, healthy daily lunches cooked by an in-house team and spectacular team gathering.

BrandLoyalty is known for being a divers & inclusive workplace because we believe that this drives our purpose “Next Generation Happiness” and creates a better future every day for our employees, clients and partners. All qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression or disability.

When you apply to the vacancy you understand and agree to our Privacy Statement for recruitment purposes.

Apply for this job