Privacy Program Manager
Viking · Los Angeles Metropolitan Area · 2 wk ago
HybridProject Management$125k–$140k/yrFull-time
Job Responsibilities
- Manage and continually improve Viking’s privacy rights management process to support compliance with applicable privacy laws; provide guidance, process support, and awareness materials to internal stakeholders to ensure privacy requests are handled in accordance with local and global requirements.
- Monitor and manage Viking’s privacy inbox, triage and process data subject rights requests in accordance with Viking’s established procedures, and identify, escalate, and coordinate follow-up on inquiries or issues requiring legal or leadership review.
- Support the management of privacy incidents by coordinating fact gathering, facilitating cross-functional response activities, tracking remediation, and escalating matters to the Privacy Director and other stakeholders, as appropriate.
- Develop and maintain reports, dashboards, and metrics for key areas of responsibility to track compliance activities, identify trends, risks, and process gaps, and support continuous improvement and mitigation planning.
- Stay current on federal, state, and international privacy law developments, regulatory expectations, and leading practices to support privacy operations, guidance, and program enhancements.
- Develop, maintain, and enhance privacy procedures, guidelines, templates, knowledge resources, and training materials to support consistent privacy practices across the organization.
- Support the review, preparation, and coordination of privacy-related contractual provisions, including data protection terms and related documentation, in partnership with legal and business stakeholders.
- Support internal stakeholders in privacy impact assessments, data mapping, and related privacy-by-design activities.
- Support the Privacy Director in the execution of broader privacy program initiatives and special projects, as needed.
Required Qualifications
- Bachelor’s degree required. Preferred areas of study include law, public policy, business administration, information governance, or a related discipline that supports interpretation and application of regulatory frameworks in a corporate environment.
- 5–8 years of hands-on experience supporting privacy, data protection, or compliance programs, with a demonstrated track record of contributing to or operating within a global, in-house privacy function (not solely advisory or consulting-based experience).
- Practical, working knowledge of U.S. and international privacy laws (including GDPR and CCPA/CPRA), with the ability to apply those requirements in real business scenarios (e.g., intake processes, data use reviews, or operational remediation), rather than theoretical familiarity.
- Proven ability to translate legal and regulatory requirements into clear, actionable guidance for non-legal stakeholders. This includes experience advising business partners on how to operationalize privacy requirements within existing processes, systems, or product workflows.
- Demonstrated experience managing multiple concurrent initiatives with competing priorities, including coordinating cross-functional stakeholders and driving work to completion with minimal oversight.
- Strong written communication skills, specifically in drafting structured materials such as internal procedures, training content, stakeholder communications, and executive-level summaries that reflect both accuracy and business practicality.
- Experience using privacy management or workflow tools (e.g., for DSARs, PIAs, or incident tracking), with an understanding of how systems support scalable program operations.
- Direct involvement in at least two of the following program components within a global organization: Privacy rights request intake and fulfillment (e.g., DSARs), Privacy impact or risk assessments (PIAs/DPIAs), Data mapping or records of processing activities, Incident response or breach coordination.
Preferred Qualifications
- J.D. or equivalent legal/privacy training preferred.
- Relevant privacy certifications such as CIPP/US, CIPP/E, CIPM, or similar credentials preferred.
- Experience developing privacy metrics, dashboards, and reporting.
- Experience supporting privacy training, privacy-by-design initiatives, and cross-functional process improvements.
About Viking
Viking (NYSE: VIK) is a global leader in experiential travel with a fleet of more than 100 ships, exploring 21 rivers, five oceans and all seven continents. Designed for curious travelers with interests in science, history, culture and cuisine, Chairman and CEO Torstein Hagen often says Viking offers experiences For The Thinking Person™. Viking has more than 450 awards to its name, including being rated #1 for Rivers and #1 for Oceans five years in a row by Condé Nast Traveler in the 2025 Readers’ Choice Awards. Viking is also rated a “World’s Best” by Travel + Leisure —no other travel company has simultaneously received such honors by both publications.