DigitalOcean, Inc.
Privacy and Data Protection Program Manager
DigitalOcean, Inc., Seattle, Washington, us, 98127
Overview
Privacy and Data Protection Program Manager to join DigitalOcean's Legal team. Reporting to the VP, Deputy General Counsel, you will play a critical role in developing, managing, and scaling DigitalOcean’s global privacy and data protection program. You will help ensure compliance with international, federal, and local regulations—including GDPR, CCPA/CPRA, PIPEDA, HIPAA, and other applicable privacy laws—while embedding data protection practices across the company’s operations and culture. What You’ll Do
Drive privacy compliance across the organization, including conducting privacy and AI risk assessments, documenting findings, and recommending remediation measures. Manage the Data Subject Access Request (DSAR) process by reviewing requests, coordinating with business functions to fulfill them, and ensuring timely, accurate responses. Ensure alignment with applicable regulations (GDPR, HIPAA, CCPA/CPRA, CJIS, and others) by maintaining documentation, managing compliance reviews, and providing guidance to stakeholders. Support incident response by maintaining records, assisting with investigations, and helping prepare regulatory notifications as required. Design, develop, and deliver privacy and data governance training programs for both general awareness and role-specific needs. Serve as a trusted liaison across Product, Engineering, IT, HR, Marketing, and Operations to integrate privacy considerations into technology development, procurement, and deployment. Champion continuous improvement in privacy and data protection practices through proactive program management and cross-departmental collaboration. What You’ll Add To DigitalOcean
Expertise in privacy compliance: 5–10 years of experience in privacy, compliance, or legal roles, preferably in a global SaaS or technology company. Strong knowledge of regulations: Hands-on experience applying GDPR, PIPEDA, CCPA/CPRA, HIPAA, and other regional or industry-specific privacy frameworks. Proven risk management skills: Experience conducting privacy impact assessments, audits, and compliance monitoring, with the ability to translate findings into practical recommendations. Cross-functional communication: Excellent written and verbal skills, with the ability to simplify complex legal concepts for non-legal stakeholders. Attention to detail with discretion: Demonstrated ability to manage sensitive data and confidential information responsibly. Organizational strength: Skilled at managing multiple initiatives simultaneously in a fast-paced environment. Technical fluency: Familiarity with IT systems, data mapping, databases, and core security concepts (e.g., encryption, pseudonymization, access controls). Preferred experience: Juris Doctor from an accredited law school, international experience with cross-border data transfer rules, and certifications such as CIPP/US, CIPP/EU, or CIPP/C. Why You’ll Like Working for DigitalOcean
We innovate with purpose. You’ll be part of a cutting-edge technology company with an upward trajectory, focused on simplifying cloud and AI so builders can spend more time creating software that changes the world. You will be a thoughtful, proactive member of the team with a strong sense of responsibility for customers, products, employees, and decisions. We prioritize career development. You’ll work with some of the smartest people in the industry. Our organization supports growth through resources for conferences, training, and education, and provides access to LinkedIn Learning for ongoing development. We care about well-being. We offer a competitive benefits package and programs to support you, with details varying by location and regulations. We reward our employees. Competitive salary with eligible bonuses and equity compensation, including equity grants on hire and an option to participate in an Employee Stock Purchase Program. We value diversity and inclusion. We are an equal-opportunity employer and do not discriminate on any protected characteristic. Remote work option. This is a remote role dependent on local regulations and company policies.
#J-18808-Ljbffr
Privacy and Data Protection Program Manager to join DigitalOcean's Legal team. Reporting to the VP, Deputy General Counsel, you will play a critical role in developing, managing, and scaling DigitalOcean’s global privacy and data protection program. You will help ensure compliance with international, federal, and local regulations—including GDPR, CCPA/CPRA, PIPEDA, HIPAA, and other applicable privacy laws—while embedding data protection practices across the company’s operations and culture. What You’ll Do
Drive privacy compliance across the organization, including conducting privacy and AI risk assessments, documenting findings, and recommending remediation measures. Manage the Data Subject Access Request (DSAR) process by reviewing requests, coordinating with business functions to fulfill them, and ensuring timely, accurate responses. Ensure alignment with applicable regulations (GDPR, HIPAA, CCPA/CPRA, CJIS, and others) by maintaining documentation, managing compliance reviews, and providing guidance to stakeholders. Support incident response by maintaining records, assisting with investigations, and helping prepare regulatory notifications as required. Design, develop, and deliver privacy and data governance training programs for both general awareness and role-specific needs. Serve as a trusted liaison across Product, Engineering, IT, HR, Marketing, and Operations to integrate privacy considerations into technology development, procurement, and deployment. Champion continuous improvement in privacy and data protection practices through proactive program management and cross-departmental collaboration. What You’ll Add To DigitalOcean
Expertise in privacy compliance: 5–10 years of experience in privacy, compliance, or legal roles, preferably in a global SaaS or technology company. Strong knowledge of regulations: Hands-on experience applying GDPR, PIPEDA, CCPA/CPRA, HIPAA, and other regional or industry-specific privacy frameworks. Proven risk management skills: Experience conducting privacy impact assessments, audits, and compliance monitoring, with the ability to translate findings into practical recommendations. Cross-functional communication: Excellent written and verbal skills, with the ability to simplify complex legal concepts for non-legal stakeholders. Attention to detail with discretion: Demonstrated ability to manage sensitive data and confidential information responsibly. Organizational strength: Skilled at managing multiple initiatives simultaneously in a fast-paced environment. Technical fluency: Familiarity with IT systems, data mapping, databases, and core security concepts (e.g., encryption, pseudonymization, access controls). Preferred experience: Juris Doctor from an accredited law school, international experience with cross-border data transfer rules, and certifications such as CIPP/US, CIPP/EU, or CIPP/C. Why You’ll Like Working for DigitalOcean
We innovate with purpose. You’ll be part of a cutting-edge technology company with an upward trajectory, focused on simplifying cloud and AI so builders can spend more time creating software that changes the world. You will be a thoughtful, proactive member of the team with a strong sense of responsibility for customers, products, employees, and decisions. We prioritize career development. You’ll work with some of the smartest people in the industry. Our organization supports growth through resources for conferences, training, and education, and provides access to LinkedIn Learning for ongoing development. We care about well-being. We offer a competitive benefits package and programs to support you, with details varying by location and regulations. We reward our employees. Competitive salary with eligible bonuses and equity compensation, including equity grants on hire and an option to participate in an Employee Stock Purchase Program. We value diversity and inclusion. We are an equal-opportunity employer and do not discriminate on any protected characteristic. Remote work option. This is a remote role dependent on local regulations and company policies.
#J-18808-Ljbffr