Director, Data Privacy Compliance
Zeta Global · New York, United States · 1 wk ago
RemoteRemoteLegal$150k–$175k/yrFull-time
Position Overview
The Director of Privacy Compliance is a leadership role responsible for developing, implementing, and operationalizing Zeta Global's enterprise-wide privacy compliance program. Reporting to the VP Privacy Compliance & Legal Operations, this individual will serve as a subject matter expert on global privacy laws, emerging artificial intelligence laws & regulations, advertising regulations, and emerging regulatory requirements affecting the marketing and advertising technology industry.Key Responsibilities
- Privacy Program Leadership
- Work closely with Zeta’s Chief Privacy Officer to lead the design, implementation, and ongoing maturation of Zeta's global privacy compliance program across all business units and acquired platforms.
- Serve as a senior subject matter expert on federal privacy laws relevant to Zeta’s business (e.g. TCPA and CAN-SPAM), U.S. state privacy laws (CCPA/CPRA and comprehensive state equivalents), GDPR, and other applicable international privacy frameworks.
- Oversee privacy impact assessments, data mapping exercises, and records of processing activities across Zeta's product portfolio.
- Manage privacy policy development and maintenance, including cross-platform privacy integration and harmonization following acquisitions.
- Lead incident response coordination for data breaches and privacy events, including regulatory assessment of federal, state, and international notification obligations.
- Able to engage confidently with business executives, clients, law enforcement, and opposing counsel.
- Self-directed, but collaborative, team-focused attitude, with a sense of humor.
- Regulatory Compliance
- Oversee compliance programs covering TCPA (telemarketing and SMS), CAN-SPAM, and digital advertising regulations including IAB TCF (Transparency & Consent Framework) requirements.
- Direct multi-state registration and licensing compliance programs, including telemarketing registrations, DBA filings, WHOIS/domain compliance, data broker registrations, privacy certifications and audits.
- Monitor and assess the impact of emerging regulations, including the Digital Services Act (DSA), Digital Operational Resilience Act (DORA), AI/ML governance frameworks, and new U.S. state privacy laws.
- Develop and maintain compliance roadmaps with actionable implementation timelines across all regulatory areas.
- Team Leadership & Legal Operations
- Manage and mentor a team of compliance and legal operations professionals, setting clear objectives and fostering professional development.
- Partner with Legal Operations on process optimization, development of playbooks and client-facing materials to facilitate efficient and effective contract management processes, and technology solutions to scale compliance functions efficiently.
- Collaborate cross-functionally with Product, Engineering, Sales, and Marketing teams to embed privacy-by-design and compliance-by-default principles.
- Prepare compliance reports and board-level materials for executive leadership and, as needed, external stakeholders.
- Publishers, Partners & Third-Party Management
- Develop and maintain publisher and partner compliance onboarding materials, guidance and effective oversight through auditing & monitoring compliance with TCPA, CAN-SPAM, and state and federal laws and regulations.
Qualifications
- Required
- 8+ years of progressive experience in privacy, regulatory compliance, or related legal/compliance roles, preferably within marketing technology, AdTech, or a data-intensive industry.
- Deep, demonstrated expertise in GDPR, CCPA/CPRA, and U.S. state privacy law landscape.
- Strong knowledge of digital advertising regulations, consent frameworks (IAB TCF), and email/SMS marketing compliance (CAN-SPAM, TCPA).
- Proven track record of building and scaling compliance programs in a complex, multi-product environment.
- Experience managing and developing compliance teams.
- Excellent written and verbal communication skills, with the ability to translate complex regulatory requirements into clear, actionable business guidance.
- Demonstrated ability to work effectively with cross-functional stakeholders at all levels of the organization.
- Preferred
- CIPP/US, CIPP/E, CIPM, or other relevant privacy certification (IAPP).
- JD or advanced degree in law, compliance, or a related field.
- Experience with M&A integration from a privacy and compliance perspective.
- Familiarity with AI/ML governance frameworks and emerging regulatory requirements.
- Experience with publicly traded companies and associated governance obligations (e.g., SEC cybersecurity disclosure requirements).
- Knowledge of international privacy regimes beyond GDPR (e.g., Australia, Singapore, Japan).
- Previous experience working as in-house counsel, particularly at a tech startup;
What We Offer
- Competitive compensation and equity
- Comprehensive benefits package
- Flexible, collaborative work environment
BENEFITS & PERKS
- Unlimited PTO
- Excellent medical, dental, and vision coverage
- Employee Equity
- Employee Discounts, Virtual Wellness Classes, and Pet Insurance
- And more!!