Director of Privacy

Job Description

Director, Privacy - Costar Group

Company:

CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100, CoStar Group is on a mission to digitize the world’s real estate, empowering all people to discover properties, insights, and connections that improve their businesses and lives. For over 35 years, CoStar Group has been living and breathing the world of real estate information and online marketplaces, giving them perspective to create truly unique and valuable offerings to their customers. By continually refining, transforming, and perfecting their approach to their business, CoStar has created a language that has become the standard in the industry, for their customers, and even competitors. As they continually work to continue that effort as well as improve and drive innovation, they are able to deliver for their customers, employees, and investors. CoStar Group provides an invaluable edge in real estate, by equipping the brightest minds with the best resources available. 
 
About the Role:

The Director, Privacy will provide CoStar with operational expertise related to data privacy and protection and work closely with CoStar legal stakeholders to lead the global privacy program in order to mitigate risk, protect data assets and information, and drive privacy compliance across the organization. The individual will be responsible for ensuring CoStar is compliant with all applicable international, federal and state privacy and data protection laws and regulations. The individual will be responsible ensuring customer and employee data is being collected, shared and used in appropriate ways, as well as playing a role in safeguarding company proprietary data. The Director, Privacy will perform key risk management activities and is responsible for providing sound compliance advice to all aspects of the business as a subject matter expert. This individual will be expected to be an effective partner across the organization to create solutions that align with the company’s business goals without compromising data protection and information security standards. The Director, Privacy will work as part of the Legal Department’s enterprise compliance and risk management team and will provide subject matter knowledge with national and international compliance standards to ensure governance across CoStar’s global brands and products. The role is ideal for someone who is a proactive self-starter and strategic and practical thinker, who has a thirst for knowledge and continued growth, all while working as part of a great legal team.

RESPONSIBILITIES

• Lead all aspects of CoStar’s global privacy compliance and risk management program, including developing strategy, monitoring the regulatory landscape, maintaining relevant policies, notices and disclosures, and overseeing privacy operations, risk and controls monitoring, and privacy training and awareness.

• Chair CoStar’s cross functional data protection forum that meets regularly to review privacy and data protection priorities and drive awareness and accountability across the organization.

• Oversee and maintain the day to day functioning of CoStar’s global privacy program compliance platform (OneTrust) to support core programs including data subject access rights (DSAR), privacy by design (PIAs, DPIAs, LIAs and TIAs), and records of processing activity (ROPA) management.

• Analyze business initiatives, products, and processes to ensure they comply with applicable laws and regulations; practice sound judgement to effectively assess and balance risk in the provision of compliance advice to the business.

• Create organizational awareness by partnering with the company’s internal training organization to develop and roll out on-going training across CoStar Group related to data privacy and CoStar’s expectations and standards, including identification, processing, and handling of sensitive data.

• Work closely with the technology, accounting, and business risk management teams to identify, assess, advise on, and mitigate privacy risks, as well as implement controls and processes.

• Develop, enhance, and implement privacy and data protection policies, procedures, guidelines, and related training.

• Provide the primary point of contact for business partner privacy compliance related inquiries and collaborate across teams to ensure the global privacy support operations processes are fulfilled and operating smoothly.

• Perform privacy program reporting upon request, creating reports to inform senior leadership, internal and external stakeholders, and risk owners.

• Maintain expert knowledge of applicable privacy and data protection law and regulations, keeping up and advising the business on current developments.

BASIC QUALIFICATIONS

• Bachelor’s degree required.

• 5+ years of regulatory compliance and project management experience (Project Management Professional certification a plus).

• 2+ years of experience performing data management risk assessments, including risk and control self-assessments, implementing processes and procedures to remediate and mitigate risk, and counseling and influencing stakeholders on matters related to data and information privacy, management and risk mitigation in either a Legal, Compliance, Risk or IT function.

• Global privacy or compliance program management experience (experience with OneTrust is a plus)

• Strong interpersonal skills and experience in working cross-functionally with a variety of teams, with lawyers and non-lawyers, including software engineering teams, sales teams, and product teams.

• Detail oriented, well organized and technically-adept.

• High degree of professional ethics and integrity.

• Proven track record of commitment to previous employers.

• Strong computer skills – MS Office (Excel, Word, PowerPoint).

PREFERRED QUALIFICATIONS AND SKILLS

• One or more of the following certifications – Certified Information Privacy Manager (CIPM), Certified Information Privacy Professional (CIPP), Certified Risk Professional (CRP), Certified Regulatory Compliance Manager (CRCM), Program Management Professional (PMP).

• Excellent judgement, analytical and communication skills.

• Passion and expertise in data privacy with a proactive, practical, solutions driven approach to risk mitigation.

• Expertise and knowledge of digital and/or e-commerce marketplaces or online information businesses

• Experience with international growth and implementing local jurisdiction-based compliance programs.

• Ability to manage multiple projects while maintaining and driving strong results.

What’s in it for you?   

When you join CoStar Group, you will experience a collaborative and innovative culture working alongside the best and brightest to empower our people and customers to succeed. We offer generous compensation and performance-based incentives. CoStar Group also invests in your professional and academic growth with training and tuition reimbursement. 

Other highlights of our benefits package include: 

• Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug .

• Life, legal, and supplementary insurance.

• Virtual and in person mental health counseling services for individuals and family.

• Commuter and parking benefits.

• 401(K) retirement plan with matching contributions.

• Employee stock purchase plan. 

• 11 holidays and 3 weeks of vacation per year. 

• On-site fitness center.

• Access to CoStar Group’s Diversity, Equity, & Inclusion Employee Resource Groups. 

• Snacks and caffeine.

We welcome all qualified candidates who are currently eligible to work full-time in the United States to apply. However, please note that CoStar Group is not able to provide visa sponsorship for this position. 

This position offers a base salary range of $165,000 - $190,000, based on relevant skills and experience and includes a generous benefits plan.

CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing

CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing