Privacy & Cybersecurity Compliance Officer - Mediaocean Remote US Bookmark Share Print 85 0 1

Listing Description

Mediaocean is powering the future of the advertising ecosystem with technology that empowers brands and agencies to deliver impactful omnichannel marketing experiences. With over $200 billion in annualized ad spend running through its software products, Mediaocean deploys AI and automation to optimize investments and outcomes. The company's advertising infrastructure and ad tech tools are used by more than 100,000 people across the globe. Mediaocean owns and operates Prisma, the industry's trusted system of record for media management and finance, Flashtalking, the world's largest independent ad server and creative personalization platform, as well as Protected Media, the MRC-accredited ad verification solution for brand safety and fraud detection. Visit www.mediaocean.com for more information. 

We are seeking an experienced and highly skilled Privacy & Cybersecurity Compliance Officer to lead and manage the company’s ad tech privacy and cybersecurity compliance efforts. As part of the legal and compliance team and reporting directly to the General Counsel, this role is critical to ensuring that our company maintains compliance with applicable data privacy laws, industry regulations, and internal cybersecurity policies. You will act as the subject matter expert on global privacy laws, data security standards, and risk management practices, while fostering a culture of compliance and security throughout the ad tech organization.

What You Will Do:
  • Privacy & Data Protection Compliance:
  • Lead and manage compliance with global data privacy regulations, including but not limited to GDPR, CCPA, CPRA, and other relevant privacy laws.
  • Develop, implement, and monitor data privacy policies, procedures, and controls to ensure compliance with regulatory requirements and internal standards.
  • Conduct data protection impact assessments (DPIAs), privacy audits, and assessments of data processing activities to ensure compliance with applicable laws.
  • Advise on cross-border data transfer issues and implement solutions, including Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), and data localization strategies.
  • Act as the primary point of contact for privacy regulators, handling inquiries, audits, and complaints from data subjects.
  • Cybersecurity Compliance:
  • Oversee the ad tech division’s cybersecurity compliance program, ensuring adherence to industry standards and best practices such as NIST, ISO 27001, and SOC 2.
  • Collaborate with IT and security teams to design, implement, and enforce cybersecurity policies, including incident response plans, data breach protocols, and risk management strategies.
  • Ensure that appropriate technical and organizational measures are in place to protect sensitive data, including encryption, access controls, and security monitoring.
  • Regularly conduct risk assessments and security audits to identify vulnerabilities and implement remediation plans.
  • Coordinate responses to cybersecurity incidents, including leading post-incident reviews and ensuring compliance with breach notification requirements under various regulations.
  • Vendor and Third-Party Risk Management:
  • Establish and maintain a robust third-party risk management program, ensuring that vendors and partners meet the company’s privacy and cybersecurity standards.
  • Conduct privacy and security due diligence on new and existing vendors, especially those involved in data processing activities.
  • Review and negotiate privacy and cybersecurity terms in vendor contracts, ensuring alignment with internal and regulatory requirements.
  • Training & Awareness:
  • Develop training programs for employees on data privacy, cybersecurity best practices, and compliance obligations.
  • Promote awareness of privacy and cybersecurity risks across the organization, fostering a culture of compliance and security.
  • Serve as a key advisor to ad tech senior management on emerging privacy and cybersecurity trends and their potential impact on the company.
  • Regulatory & Legal Guidance:
  • Provide expert advice to the legal team, business units, and senior leadership on privacy and cybersecurity-related matters.
  • Keep abreast of changes in global privacy and cybersecurity laws and industry regulations, proactively advising the company on how these changes may impact business operations.
  • Assist in the review and negotiation of data protection agreements, privacy policies, terms of service, and other legal documents to ensure compliance with privacy laws and data security standards.
  • Reporting & Monitoring:
  • Develop regular reports to the General Counsel, and executive leadership on privacy and cybersecurity compliance initiatives, risks, and incidents.
  • Track and report on key privacy and cybersecurity metrics, including the number of privacy incidents, data breach responses, and compliance with regulatory timelines.

    • Who You Are:
  • Education: Bachelor's degree required, with a preference for a JD, MBA, or a related advanced degree.
  • Certifications: Certified Information Privacy Professional (CIPP), Certified Information Systems Security Professional (CISSP), or similar certifications are strongly preferred.
  • Experience: Minimum of 3-5 years of experience in privacy, data protection, and cybersecurity compliance, ideally within the ad tech or tech industry.
  • Knowledge: Deep understanding of global privacy laws (GDPR, CCPA, CPRA, etc.) and cybersecurity frameworks (NIST, ISO 27001, SOC 2).
  • Proven experience in developing and implementing privacy and cybersecurity programs, policies, and incident response plans.
  • Strong working knowledge of advertising technology, digital marketing practices, and related regulatory challenges, including ad fraud, cookie compliance, and cross-border data flows.
  • Skills:
  • Excellent communication and interpersonal skills, with the ability to interact effectively with both technical and non-technical stakeholders.
  • Strong leadership skills with experience managing cross-functional teams and projects.
  • Analytical mindset with the ability to assess and mitigate risk while balancing business needs.
  • Ability to work under pressure in a fast-paced, dynamic environment.

    • Why Mediaocean?
  • Competitive total compensation, including 401(K) employer match and financial wellness seminars 
  • Extensive medical, dental, and vision plan – Keep your family (or just yourself!) safe and healthy
  • Flexible time off – In addition to our 14 company holidays, we provide open PTO to all U.S.- based Mediaocean employees. So take a sick day, vacation day, or mental health day 
  • Bonding Leave – After six months of employment at Mediaocean, mothers and fathers, including same-sex parents, can take job-protected, paid time off to bond with their child within the first 12 months of the child’s birth or adoption 
  • Insurance, Pet Insurance, employer matched Health Savings Account and Flexible Spending Accounts
  • Professional development – Personalized development plan created with your manager, continuous internal and external trainings, official company-wide mentorship program, professional development rewards program, management, leadership, and function-specific training for top performance, education reimbursement 
  • Get rewarded for demonstrating Mediaocean values 
  • Active affinity-based groups – Form connections with similar peers in offices around the world. Groups include: Women at MO, Black Employees at Mediaocean (BEMO), Pride at MO, Mi gente (Hispanic/Latinx community), AAPI at MO, Parents at MO, International Enrichment, Language Lovers, Books & Beyond, DEI in Engineering, and Mental Health & Wellness, and Caregivers United  
  • Wellness opportunities – Free virtual yoga and abs and glutes classes, company-paid Headspace meditation app membership, company-wide steps challenges, complimentary snacks in-office   
  • Bikeshare program in select offices, (Divvy and CitiBike for Chicago and New York offices)  
  • All of these benefits/perks are effective on the date of hire
    • We would hate to miss out on your application because you do not meet every requirement – transferrable skills and education will also be considered, so please do not hesitate to apply! 
     
    Mediaocean recognizes our true strength and value shine when all our team members feel there is space in the conversation for their voices, thoughts, ideas, perspectives, and concerns. Mediaocean is committed to being an equal opportunity employer, and we consider all applicants regardless of their age, race, color, gender, sexual orientation, ethnicity, religion, national origin, disability, or veteran status. 

    If you're an existing Mediaocean employee and would like to submit a referral, click here.

    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!