What You'll Do- Lead and support privacy incident response activities from intake through resolution, including investigation, risk assessment, documentation, remediation planning, and notification requirements.
- Drive privacy incident timelines and outcomes to ensure compliance with applicable regulatory and legal obligations.
- Assess privacy risks related to business processes, new products, initiatives, technologies, and data use cases, translating risks into practical, actionable recommendations.
- Conduct Privacy Impact Assessments (PIAs) that support compliant, scalable business execution.
- Provide business-focused privacy guidance that balances innovation, operational objectives, and risk management.
- Support oversight of third-party data sharing arrangements and vendor relationships by identifying and mitigating privacy risks.
- Contribute to the development, enhancement, and operationalization of privacy policies, standards, procedures, and governance practices.
- Support regulatory examinations, audits, inquiries, and related documentation efforts.
- Partner closely with Compliance, Legal, Information Security, Data Governance, Risk, and business stakeholders to embed privacy considerations into day-to-day operations.
- Evaluate privacy implications associated with emerging technologies and evolving business strategies.
Where You'll Make an Immediate ImpactFrom day one, you'll help advance several critical initiatives, including:
- Leading privacy incident response and breach notification activities while meeting regulatory timing requirements.
- Scaling and enhancing Privacy Impact Assessment processes to support growing business demand.
- Strengthening privacy due diligence related to artificial intelligence, emerging technologies, and evolving data use practices.
- Supporting cross-border data governance considerations across the U.S. and Canada.
- Enhancing enterprise capabilities related to privacy risk management, incident response, and data governance.
- Contributing to the continued maturity and effectiveness of Edward Jones' enterprise privacy program.
Position RequirementsWhat Experience You Need:• Juris Doctor (J.D.) or equivalent legal degree
• License to practice law in at least one U.S. jurisdiction
• 3-5 years of relevant experience in privacy, compliance, or related disciplines.
• Experience supporting or leading incident response activities
• Knowledge of U.S. and Canadian privacy frameworks and regulatory requirements, including GLBA, CCPA/CPRA, CAN-SPAM, FACTA, FCRA, PIPEDA, and Quebec Law 25
• Ability to assess risk and translate complex requirements into practical solutions
• Ability to operate effectively in ambiguous and evolving environments
• Strong written and verbal communication skills
• Ability to work in a team-based or matrix environment
• Demonstrated success navigating complex, dynamic environments and ability to manage conflicting priorities
• Proficient in Microsoft Word, Excel, PowerPoint and basic communication tools
What Could Set You Apart:• IAPP certification (CIPP/US, CIPP/C, or similar)
• Experience in financial services or another highly regulated industry
• Familiarity with privacy tools (e.g., OneTrust) and structured assessment processes
• Experience working across compliance, legal, and technology teams
This role will be based at our HQ office in St. Louis, Mo or Tempe, Az. This role requires travel using commercial and motor vehicle transportation. A valid driver's license is required. Candidates that live within a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office four days per week.Salary InformationEdward Jones' compensation and benefits package includes medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness), short- and long-term disability, basic life, and basic AD&D coverage. Short- and long-term disability, basic life, and basic AD&D coverage are provided at no cost to associates. Edward Jones offers a 401k retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account. Edward Jones observes ten paid holidays and provides 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism. Associates may be eligible for bonuses and profit sharing. All associates are eligible for the firm's Employee Assistance Program. For more information on the Benefits available to Edward Jones associates, please visit our benefits page.