Sr. Data Privacy & Compliance Professional
Who we are:
Zwift is a digital destination for fitness enthusiasts that are redefining indoor exercise. We took the boring indoor routine and game-ified it, by developing an at-home training experience that connects cyclists and runners with each other around the world. We’re on a mission to make more people, more active, more often.
Launched from the sunny beaches of Long Beach, CA with offices in NYC, London, Tokyo, and Melbourne, the Zwift community is active in 195 countries (yup - more countries than the United Nations) and growing. We’re endlessly positive, relentlessly inventive, and always looking to improve…wanna join?
About the team:
The Zwift Compliance and Data Privacy Team work collaboratively with all Zwift departments and country offices to deliver global regulatory compliance, data privacy (GDPR/CCPA), vendor management/certification and business continuity.
- Establish and oversee controls promoting consistent application of appropriate practices across all areas of Zwift, such as data privacy, business, IT, and information security
- Provide necessary evidence of compliance with acknowledged mandatory Zwift standards, contract, regulatory policies, and practices
- Identify trends or foreseeable situations which place Zwift at risk of non-compliance with requirements, especially those with the potential of substantial financial or contractual operational impact.
- Provide compliance guidance, oversight, and advice to leadership and delivery entities supporting Zwift’s business objectives
- Ensure Zwift and its IP/Technical assets are properly secured and recoverable in the event of a disaster
- Review Zwift’s external relationships with vendors and business partners to validate and ensure that Zwift is protected while working with these partners
Who we’re seeking:
What you’ll do:
- Lead Zwift's understanding of responsibilities and tech requirements necessary to manage Data Privacy and IT controls related to GDPR, CCPA, PCI and KISA compliance.
- Coach Watopians on audit and compliance standards and best practices
- Develop an in-depth understanding of industry compliance management trends and risks and collaborate with IT compliance managers to develop viable business solutions to mitigate risk
- Assist with providing direction and expertise in the following areas: IT compliance, risk management and internal controls related to privacy, information security, and software architecture and development at Zwift
- Assist with maintaining a data inventory, conducting privacy reviews and risk assessments for new and existing products, services and business processes and identify privacy impact mitigation strategies
- Makes recommendations and implements improvements as needed to ensure compliance with company policies, standards, and guidelines
- Updates/Communicates compliance requirements, standards, timing and initiatives to control owners and stakeholders
What we’re looking for:
- Any combination of the following Certifications: CIPP/E, CIPP/US, CIPT, CISA, CISM
- Experience: 5+ years (in audit and policy generation experience)
- College Degree (or equivalent experience) in Computer Information Systems, Computer Science, MBA
- Excellent verbal and written skills
- Ability to work with corporate executives and Sr. Leadership
- A desire to learn and grow in the data privacy field
- Memberships and or active participation in the IAPP and ISACA (or eqiv.)
- Strong business awareness and an ability to identify audit issues arising from different areas in the organization.
- Team player, with the ability to multitask, flexible and can work under pressure.
- Socially confident with good organization, communication and presentation skills.
- Self-starter with good analytical skills and a proactive approach to problem-solving
Top Five Reasons Why We Think You’ll Love It Here
- Competitive pay scale
- Continuing Education and Certification provided by Zwift
- Great Employee Fitness Program… earn a bike!
- Awesome team of diverse individuals who love what they do