Join a small but dedicated team to actively support iRobots Global Data Privacy Program, focusing on direct-to-consumer ecommerce, digital features, and our evolving MarTech stack. Reporting to the Privacy Director/DPO, you will focus on identifying and protecting personal data, perform a variety of risk assessments, and propose mitigation activities and process improvements. This role will support iRobot's framework-based approach to data privacy, ensuring compliance with regulations, and implementing best practices to protect consumer/marketing data. You will work closely with iRobots Product and Enterprise Security teams, as well as Legal, Marketing, IT, and Customer Care.
- In collaboration with Marketing, Customer Care, and eCommerce teams, conduct and evaluate privacy impact assessments for new and evolving business practices, projects, and programs.
- Assist with creating, documenting, and implementing processes to capture, document, and maintain accurate records of new personal information sourced through the websites, iRobot Home app, and third-party providers, including retention periods and accurate data flows.
- Perform vendor and partner privacy risk assessments as needed.
- Develop and maintain integrations with our privacy management application (TrustArc).
- Act as a subject matter expert on data privacy as it relates to consumer data collection, management, and usage; consult with Privacy Director, Marketing, Legal, and Enterprise and Product Security teams to ensure best practices and company policies are implemented and maintained.
- Assist with ongoing consumer data collection, management, usage, retention, and overall compliance audits.
- Minimum B.A./B.S. degree; Masters preferred.
- At least one IAPP certification.
- 2-3 years proven experience with Privacy-by-Design.
- Minimum 1 year proven experience working with consumer PII, and ecommerce and marketing data collection, management, and usage across paid media, websites, email, in-app, via social media, etc.
- Solid understanding of ecommerce and digital marketing technologies, including direct-to-consumer models, Google Analytics, first- and third-party cookies and other tracking technologies, and SDKs.
- Experience with consumer data management using a Customer Relationship Management (CRM) system.
- Demonstrated knowledge of data privacy and consumer privacy regulations, as well as data privacy risk management, compliance, and data governance. Deep understanding of GDPR and CCPA a must; Japan and China data protection knowledge a plus.
- Ability to assess the value of critical data and the risks associated with this data, to identify gaps in data protection, and to recommend risk remediation.
- Ability to collaborate cross-functionally and navigate competing interests and priorities.
- Strong verbal and written communication skills, including the ability to work with international and distributed teams.
- Sense of humor and strong sense of team comradery.
- Curious, willing to ask questions, and not afraid to say, I dont know, but I will find out.
- Privacy, legal, compliance, or marketing background.
- Basic understanding of ISO27701 standard and various privacy and data governance accountability frameworks.
- Interest in IoT/connected devices, robotics, and privacy as a competitive differentiator.
- Familiarity with the TrustArc platform.
- Database development, query-building experience, or use of Mode Analytics.
- Interest in cybersecurity, and basic understanding of security-for-privacy.