SVP, Data Governance, Privacy & Risk

Job Description

SVP, Data Governance, Privacy & Risk

Who We Are

Horizon Media, founded in 1989 by Bill Koenigsberg, is recognized as one of the most innovative marketing and advertising firms. We are headquartered in New York City, with offices in Los Angeles and Toronto. A leader in driving business solutions for marketers, Horizon is known for its highly personal approach to client service. Renowned for its incredible culture, Horizon is consistently named to all the prestigious annual Best Places to Work lists published by Fortune, AdAge, Crain’s New York Business and Los Angeles Business Journal.

Together we are building a place of belonging. At Horizon, we understand the value that different perspectives can bring to our clients and culture, so we strive for an environment where our employees feel welcomed, safe and empowered. We value YOU and believe that your authentic voice and unique perspective allows us to create a more rewarding culture, and experience, together.

Our simple recipe for success? We hire talented people (thinkers, doers, dreamers, makers), challenge them and give them every opportunity to grow.

Where You'll Be

This role is based out of our New York City headquarters. We offer a hybrid work model, allowing for a mix of in-office and remote work. We are also open to considering a fully remote arrangement for an exceptional candidate.

What You’ll Do

The SVP of Data Governance, Privacy & Risk will be a senior executive leader responsible for establishing and overseeing the global privacy, data protection, and data governance strategy. This role reports to the Chief Information Security Officer (CISO) and will manage the Compliance, Risk, Data Privacy, and Data Governance departments for the enterprise.

Duties and Responsibilities by Department:

Data Governance Department

• Framework and Policy Development: Design, implement, and maintain the enterprise-wide data governance framework, policies, and standards.

• Data Stewardship: Establish and lead a data steward program, defining roles and responsibilities for data owners and custodians across the business.

• Data Quality: Implement processes and tools to monitor and improve data quality, accuracy, consistency, and reliability.

• Metadata and Cataloging: Oversee the development and maintenance of a central data catalog and metadata repository to ensure data is discoverable and understandable.

• Data Lineage: Implement and manage data lineage practices to track the origin, transformation, and usage of data across systems.

• Stakeholder Collaboration: Partner with internal business and technology leaders to ensure adoption of data governance policies and collaborate with external partners to align on data standards and practices.

Data Privacy Department

• Global Privacy Compliance: Partner with Business and Legal Affairs (BALA) team to ensure and demonstrate compliance with all applicable global data privacy regulations, including GDPR, CCPA/CPRA, and other emerging laws.

• Privacy by Design: Partner with product, technology, and business teams to embed privacy-by-design principles into all new products, platforms, and services.

• Data Protection Impact Assessments (DPIAs): Lead and manage the process for conducting DPIAs for new and existing data processing activities.

• Data Subject Rights: Oversee and manage the processes for handling data subject access requests (DSARs) and other individual rights.

• Incident Response: Lead the privacy response to data incidents and breaches, including investigation, regulatory notifications, and remediation efforts.

• Stakeholder Engagement: Act as a key liaison between internal legal, product, and marketing teams on privacy-related matters, and engage with external regulators, clients, and partners on privacy inquiries.

Risk Management Department

• Risk Assessment: Perform ongoing risk assessments to identify, analyze, and evaluate data-related risks to the organization.

• Risk Mitigation: Develop and implement risk mitigation strategies and business continuity plans to address identified threats.

• Risk Reporting: Prepare and present risk reports tailored to various audiences, from the Board of Directors to individual department heads.

• Third-Party Risk Management: Establish and manage a vendor risk management program to assess and monitor the security and privacy risks of third-party vendors and partners.

• Risk Culture: Build risk awareness across the company by providing training and support to all departments.

• Stakeholder Alignment: Work closely with internal department heads to understand their risk exposure and collaborate with external auditors, insurers, and consultants on risk management initiatives.

Compliance Department

• Regulatory Monitoring: Track and analyze global regulatory developments and enforcement trends, advising leadership on potential impacts and necessary actions.

• Policy Enforcement: Conduct policy and compliance audits to ensure adherence to internal policies and external regulations.

• Audit Liaison: Serve as the primary point of contact for and liaise with internal and external auditors for all compliance-related matters.

• Compliance Training: Develop and oversee training programs to educate employees on their compliance obligations.

• Records Management: Maintain comprehensive records of compliance activities, including audits, assessments, and regulatory communications.

• Stakeholder Coordination: Coordinate with internal teams to implement and validate compliance controls and engage with external legal counsel and regulatory bodies as needed.

Who You Are & What You've Done

Required Skills & Experience:

• Bachelor's or Master's degree in Information Management, Computer Science, Business Administration, or equivalent relaetyd work experience.

• 10+ years of experience in data governance, data management, privacy, or related roles.

• At least one relevant certification in data governance or privacy, such as CIPP, CIPM, CIPT, or CDMP.

• Proven experience in developing and implementing data classification frameworks in a large organization.

• Expert knowledge of global privacy laws, including GDPR, PIPEDA, and CCPA, and their application in a corporate setting.

• Strong leadership, communication, and stakeholder management skills, with the ability to influence and drive change in a complex organizational environment.

• Ability to work independently and manage relationships across functions and regions.

Preferred (Nice to Have) Skills & Experience:

• Experience with One Trust tools.

• Experience in the advertising or media industry.

• Experience managing a global team.

#LI-JC2

#LI-HYBRID

Horizon Media is proud to be an equal opportunity workplace.  We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

Salary Range

$200,000.00 - $350,000.00

A successful applicant’s actual base salary may vary based on factors such as individual’s skill sets, experience, training, education,  licensure/certifications, and qualifications for the role.  As an organization, we take an aptitude and competency-based hiring approach.  We provide a competitive total rewards package including a discretionary bonus and a variety of benefits including health insurance coverage, life and disability insurance, retirement savings plans, company paid holidays and unlimited paid time off (PTO), mental health and wellness resources, pet insurance, childcare resources, identity theft insurance, fertility assistance programs, and fitness reimbursement.