Privacy and Customer Trust Program Manager
Posted on 11/9/2023
Abnormal Security

501-1,000 employees

Cloud-Native Email Security
Company Overview
Abnormal Security's mission is to protect the internet. They will protect knowledge workers across the cloud, wherever they work.
AI & Machine Learning

Company Stage

Series C

San Francisco, California

Remote in USA
Desired Skills
Data Analysis
  • 5+ years of experience in privacy or related technical disciplines such as information security, compliance, or technical risk management
  • Bachelor’s degree, equivalent work experience, or equivalent military experience with at least 5 years of Risk Assurance/Compliance, Privacy, and/or Information Security experience
  • Privacy protection related experience with solid background knowledge of enterprise security industry and technology
  • Experience developing internal policies and procedures, training programs and communications
  • Strong understanding of risk management and ability to effectively communicate privacy risk to executives
  • Demonstrated track record of successfully developing and maturing security, privacy, or compliance programs with an emphasis on delivering results through efficient process design, optimization, and project management
  • Experience in operations related to privacy, customer trust, or compliance
  • Understanding of software development processes and cloud computing services, and the privacy challenges of each
  • Experience with coordinating and/or managing SOC 2 and/or ISO audits
  • Familiarity with privacy, customer trust, and GRC tools
  • Understanding of statutes, regulations and guidance related to data privacy and consumer communications and marketing, including GDPR, CCPA, HIPAA, TCPA and CAN-SPAM, and working knowledge of data privacy regulatory trends
  • Participation in GDPR, CCPA, ISO27001, ISO27701, or SOC 2 Privacy Trust Services Criteria initiatives and related work is preferred
  • Proficiency in PIA/DPIA methodologies; having presided over or participated in privacy by design work is preferred
  • Keep abreast of regulatory and industry developments applicable to privacy and advise the GRC Director and other management on the potential impact on the organization
  • Define the privacy strategy and ensure the selection of controls is consistent with the strategy
  • Implement, manage, optimize, and mature the Privacy program to help drive industry-leading privacy practices, required change across the organization, and compliance with applicable regulations
  • Implement, manage, optimize, and mature the Customer Trust program to support the security, privacy, and compliance activities related to the sales cycle
  • Lead the ongoing development, implementation, and maintenance of policies, procedures, standards, guidelines, and controls that protect personal information and support the Privacy program and Customer Trust program operations
  • Collaboratively define, manage, and drive cross functional programs and technologies that enable teams across Abnormal Security to deliver our products and operate our business with privacy by design
  • Scope, manage, and drive to completion the end-to-end delivery of privacy and customer trust projects with cross-functional stakeholders with excellent project management skills
  • Monitor and report on the effectiveness and maturity of Privacy and Customer Trust programs to the Director GRC, CISO, and other management
  • Design and implement an integrated risk management approach that applies operating controls to manage privacy risk and aligns with the Enterprise Risk Management program
  • Conduct regular privacy risk and impact assessments and work with relevant departments to identify, evaluate, mitigate, and monitor privacy risks across the organization
  • Provide leadership on where to target our privacy risk mitigation efforts, liaise with key stakeholders to ensure appropriate risk mitigation measures have been taken in response to identified privacy risk, and track remediation to resolution
  • Align with the Compliance program and control owners to enhance and assess privacy controls, including assisting with the coordination of external audits
  • Partner with the Compliance program to ensure personnel and third-party compliance with information privacy requirements, and compliance with customer contractual obligations related to privacy
  • Evangelize a culture of privacy throughout Abnormal through education, trust, and empathy; perform outreach across the company to promote awareness
  • Oversee the privacy training, awareness, and mentorship of personnel, including developing customized programs and materials for specific teams
  • Create and maintain internal self-service resources for privacy and customer trust
  • Partner with stakeholder teams to develop external-facing and consumer-friendly content and communications related to security, privacy, and compliance
  • Develop supporting processes to intake and respond to internal and external privacy and customer trust requests/questions
  • Triage, analyze, and conduct investigations on incidents reported to the privacy office to ensure appropriate response and escalation; support data incident response and data breach notification procedures
  • Maintain required privacy records and documentation such as records of data processing
  • Own and manage the Trust Portal configuration, content, and operations; own and manage other systems that support privacy and customer trust
Desired Qualifications
  • Experience at a technology or SaaS/Cloud company and/or with a regulated public company and/or at a Big 4 firm
  • Prefer a degree in information assurance, computer science, information security, or business
  • Professional certifications (CIPP, CIPM, CISA, PMP or others related to privacy, security, or project management) are a plus