Data Protection and Compliance Officer

  • 418 S Dawson St, Raleigh, NC 27601, USA
  • Full-time

Company Description

Pendo was founded in 2013 by former product managers, who combined their heads and hearts to build something they wanted but never had as product managers -- a simple way to understand and attack what truly drives product success.  Our mission is to improve society's experience with software.

Come join one of the fastest-growing startups, supported by best-in-class institutions like Battery Ventures, Salesforce Ventures, Spark Capital and Meritech.  Our culture is passionate, dynamic, and fun.

Job Description

Pendo is seeking an experienced data protection, privacy & compliance professional to fill the role of Data Protection, Privacy & Compliance Officer. The position is located in Raleigh, NC.

You will help build and oversee a data protection and privacy compliance program to ensure that Pendo handles personal data safely and responsibly and complies with all applicable data protection and privacy laws, including the EU General Data Protection Regulation (“GDPR”). The role also covers oversight of international compliance regulations and SOC 2 compliance, and assisting teams with data security issues. You will work collaboratively across multiple teams to build and enhance an appropriate compliance framework for developing and deploying products, infrastructure and policies that adhere to best-in-class privacy practices. You will also act as the primary point of contact for Pendo and its employees, regulators, and the public for issues relating to our data protection, privacy and compliance program.

What you'll do: 
  • Experience managing and mitigating privacy, data protection and compliance risk.  Key skills include the ability to communicate and translate privacy and compliance issues across a diverse set of teams. 

  • Data & Privacy Compliance:  In-depth knowledge of GDPR as well as US and other national data protection laws, including conducting regular internal compliance audits, leading training, and ensuring maintenance of accurate and up-to-date records demonstrating such compliance, and performing all other necessary duties in accordance with Article 39 of the GDPR. Participate in the analysis of how GDPR applies to the business, particularly in relation to new regulatory announcements, and ensure that communication to any impacted areas is concise.  The successful candidate will be a “doer” who knows how to map data flows, conduct risk assessments and testing, product development reviews, vendor assessments and monitoring, communicate with regulators, and lead training.

  • General Compliance:  Provide supervisory oversight to our existing SOC 2 program.

  • Data Security: Coordinate with information and network security, as well as teams throughout Pendo on data security obligations to ensure respective teams manage breach incidents.

  • Product & Engineering:  Experience advising on data protection, privacy and compliance requirements in a company that develops tech products, uses digital marketing, etc.  Comfortable communicating in an informed manner and with credibility to advise and influence product developers and engineers.

Qualifications

Who you are:

  • You have 6+ years of relevant work experience with global data protection and privacy issues in a multi-jurisdictional environment (including direct engagement with EU regulators on privacy and data protection issues).  A law degree is a plus, but not required.  

  • Experience working in a compliance role within a software company.

  • Experience presenting on compliance to compliance and general business personnel

  • Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns

  • A privacy professional certification 

  • Detailed understanding of GDPR compliance issues

  • Familiarity with information systems compliance standards and information security frameworks and certifications

  • Tech savvy.  You don’t need to be an engineer, but ideally you have knowledge of major security technologies, development and analytics tools, and cloud infrastructure platforms.

  • Project management skills, including experience building and enhancing global compliance programs

  • Experience with developing and enhancing global compliance programs and rolling out employee training and educational programs

  • Experience working collaboratively with Compliance, Legal and Product Management teams on a global basis

  • Excellent judgment.  Demonstrated ability to find practical, appropriate solutions to compliance issues.

  • A high degree of integrity and credibility - you know how to use your experience, skill and smarts to influence and manage complex projects.  

  • You work well autonomously - you need to be able to roll up your sleeves and do the work yourself.

  • Effective communication skills - verbally and in writing (this means you can speak and write in plain English, not only legalese) and can tailor your communication to suit a wide range of audiences (board of directors, Engineering teams, product managers, legal teams, etc.)

Additional Information

Why Pendo?

  • We are a passionate and fast-growing startup culture

  • You will gain experience in a diverse and exciting set of technologies and clients

  • You can enjoy frequent company and team-building events

  • We are located in the heart of Downtown Raleigh, one of the fastest growing cities in the Southeast

  • Join our team and you will have a real impact on Pendo’s future and direction


Benefits and Perks

  • Company Equity

  • Health, dental, and vision benefits 100% covered for your entire family

  • 401K

  • Open vacation policy

  • Lots of company swag...hope you like pink!


Hear from other Pendozers on why it's so great working at Pendo.

http://content.pendo.io/vmxNJTWm38


Check out this video of our CEO Todd Olson speaking about Pendo.

https://vimeo.com/110839413


All your information will be kept confidential according to EEO guidelines.

No Agencies Please.

Must be eligible to work in the U.S.