Position Purpose:

This position provides guidance and direction in the development, implementation, and maintenance of consistent, company-wide compliance with applicable laws, regulations, and policies related to privacy matters. You will have a broad range of responsibilities providing legal guidance on enterprise initiatives impacting data privacy, data strategy, technology, artificial intelligence, and cybersecurity. You will partner cross-functionally with our cybersecurity, data governance, data analytics, data science, product and other teams to advise on data uses while managing legal risk and ensuring regulatory compliance. You will also be called upon to provide privacy and data security subject matter expertise to our commercial attorneys as they negotiate complex commercial transactions.

This position serves as the subject matter expert to the company on issues of data strategy/privacy technology and provides related expert advice and strategic operational guidance to all functions across the company. He/she oversees or assists with and helps investigate, manage and mitigate privacy incidents, complaints, or breaches.

RESPONSIBILITIES

Major Tasks, Responsibilities & Key Accountabilities:

Provide counsel, strategic advice and business guidance on data privacy matters across all lines of a dynamic retail business, with specific emphasis on supporting the company's digital strategy and issues related to data analytics and the implementation of new technologies.

Serve as a trusted thought leader and business partner engaging and collaborating regularly with cross-functional teams, including substantive interaction with senior and executive leaders.

Conduct privacy impact assessments of data driven tools and technologies, including providing values-driven advice and counsel on the Company's potential use of such tools and technologies, e.g. Automated Decision Making, Machine Learning, Deep Learning, Artificial Intelligence (AI), Tracking and Surveillance, Internet Monitoring, Web Tracking, Location Tracking, Audio and Video Surveillance, IoT devices, Chat Bots, Facial Identity Verification Technology, Speech Recognition, Mobile Social Computing, and Geo-Tagging.

Develop and implement solutions to ensure privacy policies are correctly implemented.

Work to align advanced technologies and Privacy by Design principles from the first stages of development and ensure that the data use meets established regulatory compliance needs.

Collaborate with data science and data product development teams creating new uses of data that employ privacy features.

Interact with internal distinguished engineers, data privacy managers, product development teams, legal, compliance, governance and data protection teams.

Interface with usability team to ensure user-facing privacy controls and experiences are customer-centric.

Use data anonymization, pseudonymization and encryption to help develop systems and processes that preserve and improve privacy protections.

Provide advice and counsel to guide the development of new privacy products and features.

Identify areas of improvement in current practices relative to managing data privacy.

Perform regular privacy program assessments of operational processes, identifying, and mitigating risks across the Company through effective tools, training and guidance.

Act as key privacy interface to internal stakeholders within the organization.

Assist the Chief Privacy Officer in the execution and continuous improvement of The Home Depot's

Privacy Program, including policies and procedures as they relate to customers and associates.

Understand the technologies that create privacy and data security challenges and keep current on legislative, judicial and regulatory privacy and data security developments in order to understand and communicate the effect of such developments on The Home Depot's business.

Assist the Incident Response Team in the review and coordination of potential privacy or data security incidents, including investigations, notifications, and other resolution efforts.

Advise government relations on the feasibility of federal and state data privacy, artificial intelligence, and related bills.

Nature and Scope:

This position reports to the Chief Privacy Officer. This position will have Direct Reports.

Environmental Job Requirements:

Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. Travel: Typically requires overnight travel 5% to 20% of the time.

Essential Skills : Minimum Qualifications:

Must be eighteen years of age or older.

Must pass the Drug Test.

Must pass Background Check.

Must pass pre-employment test if applicable.

Education Required:

The completion of a Juris Doctor or equivalent and required certifications for practicing law.

Experience Required : 10+ years (6-8 years Privacy or applicable subject matter expertise experience)

Physical Requirements:

Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.

Preferred Qualifications:

• IAPP Privacy Certification such as CIPT highly preferred

• Prior experience as in-house counsel.

• 10+ years of practice experience.

Knowledge, Skills, Abilities and Competencies:

• Solid organizational and time management skills; ability to manage multiple projects concurrently

• Ability to work well under pressure in a fast-paced, consistently changing environment, and respond to urgent situations, as required

• Excellent verbal, written and interpersonal communication skills

• Proven drafting and negotiation skills. Ability to prepare and assist in preparation of reports and presentations to as well as influence officers and executives as appropriate.

• Ability to work independently and as part of a team on numerous activities and prioritize them properly while meeting deadlines.

• Ability to confront conflict and difficult issues in a professional, assertive, and proactive manner.

• The self-starting ability to aggressively tackle new responsibilities and initiatives with minimal supervision and direction.

• Demonstrated knowledge and experience with privacy and data security laws and regulations and ability to translate that knowledge to deliver relevant and actionable guidance to the business. Specifically, possess strong substantive knowledge of legal and self-regulatory privacy and data security requirements globally (primarily North America), including, but not limited to, State Privacy Laws (e.g. CCPA/CPRA, etc.), PCI-DSS, Mobile Application Privacy Codes of Conduct, Online Behavioral Advertising Principles, State Breach Notification and Data Protection laws, FTC Act, Biometrics/Facial Recognition laws, Privacy Risk Models and Frameworks, e.g. NIST/Nymity frameworks, CASL, PIPEDA and various state privacy laws and industry regulations.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class. - $0.00 - $0.00