Siemens

Director of Data Privacy & Governance

Siemens$145K — $248K *
Legal & Accounting
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree with 8+ years of progressive data privacy experience.
  • Deep expertise in multi-jurisdictional privacy requirements and regulatory compliance.
  • Strong technical fluency in B2B SaaS or cloud technologies and architectures.
  • Proven track record in delivering privacy program artifacts and governance mechanisms.
  • Executive presence with experience in cross-functional partnerships.

Responsibilities

  • Set and execute the privacy and governance strategy aligning with product and corporate priorities.
  • Build and improve a global privacy program across various regions.
  • Collaborate with Siemens DPOs to ensure consistent execution and communication.
  • Deliver quarterly updates on privacy risk and program maturity to executives.
  • Manage the privacy program budget and forecast needs.

Benefits

  • Health and wellness benefits through Siemens.
  • A comprehensive variety of employee benefits detailed in the company link.
Full Job Description


About the Job

Brightly is seeking an experienced Director of Data Privacy & Governance to run the day-to-day privacy and data governance program across the enterprise. This role will work closely with Product Management, Technology, Sales, Legal, and the CISO to turn privacy requirements into practical processes, controls, and operating routines. While the CISO owns data security, this position is accountable for ensuring personal data is handled lawfully, consistently, and in line with global regulatory requirements across Brightly's products and internal operations.

This is an execution-focused leadership role. You will manage the core operating mechanisms of the privacy program, including the RoPA, Privacy Requirements Checklist, DPIA process, DSR workflow, reporting cadence, and cross-functional action tracking. The role requires close partnership with product, engineering, legal, commercial, and security teams to embed privacy into everyday decisions, improve audit readiness, and increase the speed and consistency of privacy reviews.

This U.S.-based role is ideally located in Raleigh, NC; however, we encourage applications from qualified remote candidates across the Eastern U.S.

Qualified Applicants must be legally authorized for employment in the United States and will not require employer sponsored work authorization now or in the future for employment in the United States.

What you will do

Privacy Strategy & Program Leadership

  • Set and execute Brightly's privacy and governance strategy in alignment with product priorities and Siemens objectives.
  • Build, operate, and continuously improve a global privacy program across Brightly's regions.
  • Partner with Siemens DPOs and act as a liaison between the DPO Office and Brightly; where required, serve as Brightly's DPO representative and ensure consistent execution.
  • Deliver quarterly executive updates on privacy risk, regulatory change, DSR performance, and program maturity.
  • Own the privacy program budget, forecast needs, and provide clear spend visibility.

Regulatory Compliance - Day-to-Day Operations

  • Partner with product and engineering teams to provide clear guidance on any technical or organizational changes related to data privacy that would be required for launching our products in new regulatory environments.
  • Run a quarterly jurisdiction review, mapping regulatory obligations to products, processing activities, owners, and deadlines.
  • Convert regulatory changes into engineering tickets, policy updates, or contract actions within 30 days.
  • Monitor and operationalize key regimes, including GDPR, US state privacy laws, PIPEDA/Quebec Law 25, Australia Privacy Act, India DPDP Act, HIPAA, and FERPA.
  • Maintain clear documentation related to our identified requirements for our products and the efforts we have implemented to achieve compliance with those requirements.
  • Lead regulator correspondence and ensure deadlines, submissions, and follow-ups are completed on time.
  • Direct regulatory investigations and audits, maintaining a current readiness playbook.

Data Governance - Ownership & Accountability

  • Own and mature the RoPA, ensuring full coverage and annual recertification.
  • Drive adoption of data classification, retention, and deletion controls, including quarterly deletion reporting.
  • Chair the monthly Data Governance Council and hold owners accountable for actions and decisions.
  • Maintain lawful basis coverage for processing activities before product or workflow go-live.
  • Run the DPIA process end-to-end, targeting a 10-business-day turnaround for standard reviews.
  • Lead TIAs for new international transfers and maintain the transfer register.
  • CISO and Security Partnership - Shared Operational Cadences
  • Co-lead weekly privacy/security triage with the CISO organization for requests, DPIAs, and sub-processor decisions.
  • Own the sub-processor register and approval workflow, targeting decisions within 10 business days.
  • Provide privacy inputs for monthly and quarterly Privacy & Security KPI dashboards.
  • Lead privacy impact assessment and regulator notification drafting during incidents.

Product & Engineering Enablement

  • Own and maintain the Privacy Requirements Checklist for features, integrations, and data workflows.
  • Lead privacy reviews at design, pre-launch, and post-launch milestones.
  • Create reusable privacy design patterns for consent, residency, anonymization, and analytics.
  • Triage privacy tickets within 2 business days and enforce review SLAs.
  • Run monthly office hours to unblock product and engineering teams on privacy decisions.
  • Data Subject Rights (DSR) Program
  • Own the end-to-end DSR workflow across products and regions, targeting 10 business days for standard requests.
  • Publish monthly DSR reporting by request type, jurisdiction, completion rate, response time, and escalations.
  • Own customer-facing privacy documentation and update it annually or after material regulatory changes.
  • Enable Sales and Customer Success with approved responses for privacy questionnaires, RFPs, and audits.

Training & Privacy Culture

  • Deliver annual privacy training and report quarterly completion and adoption metrics.
  • Run role-specific privacy workshops twice per year for Engineering, Product, Marketing, and HR.
  • Maintain internal privacy policies and publish an accessible change log for employees.
  • Track privacy culture metrics, including training, DPIA timeliness, DSR SLAs, and policy acknowledgements.

Operational and Soft Skills

  • Exceptional critical thinking with ability to translate vision into executable plans
  • Outstanding communication capabilities with track record of driving high-performing teams and the ability to influence at peers and leaders
  • Excellent analytical abilities and data-driven decision-making approach

What you need

  • Bachelor's degree and 8+ years of progressive experience in data privacy, data protection, or a related field, including hands-on ownership of global privacy programs.
  • Deep expertise operationalizing multi-jurisdictional privacy requirements across major regulatory regimes, with the ability to translate legal obligations into practical controls, workflows, and engineering actions.
  • Strong technical fluency in B2B SaaS or cloud environments, including AI and agentic technologies, cloud architecture, multi-tenancy, APIs, R&D trade-offs, incident response, threat models, and access controls.
  • Proven track record delivering privacy program artifacts and operating mechanisms, including RoPAs, DPIAs, DSR workflows, privacy checklists, training programs, policies, and governance routines.
  • Executive presence and cross-functional influence, with experience partnering with product, legal, security, sales, customers, and regulators in regulated industries; relevant IAPP certifications preferred.

What makes you a Standout

  • Prior experience as a designated Data Privacy and Governance leader, under GDPR with direct regulatory authority engagement.
  • JD, LLM, or equivalent legal education; or equivalent depth through extensive hands-on program leadership.
  • Hands-on experience with privacy tooling: OneTrust, BigID, TrustArc, Transcend, DataGrail, or similar - can configure workflows, not just procure licenses.
  • Experience governing AI/ML data practices: model training data, automated decision-making, and synthetic data use policies.
  • Experience managing international transfer mechanisms: SCCs, Binding Corporate Rules, adequacy decisions, US Data Privacy Framework.
  • Experience in asset management, facilities management, or infrastructure technology sectors.
  • Comfortable driving clarity and decisions in a global, matrixed organization under ambiguity.

You'll Benefit From
Siemens offers a variety of health and wellness benefits to our employees. Details regarding our benefits can be found here: https://www.benefitsquickstart.com/siemens/index.html
The pay range for this position is $145,156 - $248,839 annually with a target incentive of 20% of the base salary. The actual wage offered may be lower or higher depending on budget and candidate experience, knowledge, skills, qualifications, and premium geographic location.

About Siemens

Siemens AG is a German multinational conglomerate company headquartered in Munich and the largest industrial manufacturing company in Europe with branch offices abroad. The principal divisions of the company are Industry, Energy, Healthcare, and Infrastructure & Cities, which represent the main activities of the company. The company is a prominent maker of medical diagnostics equipment and its medical health-care division, which generates about 12 percent of the company's total sales, is its second-most profitable unit, after the industrial automation division. The company is a component of the Euro Stoxx 50 stock market index. Siemens and its subsidiaries employ approximately 385,000 people worldwide and reported global revenue of around €87 billion in 2019 according to its earnings release.
Learn more about Siemens
Size
305,000 employees
Industry
Founded
1847
NASDAQ

Similar Jobs

More Jobs at Siemens

More Legal & Accounting Jobs

Find similar Director of Data Privacy & Governance jobs: