Privacy Program Manager

About Gusto

Gusto is a modern, online people platform that helps small businesses take care of their teams. On top of full-service payroll, Gusto offers health insurance, 401(k)s, expert HR, and team management tools. Today, Gusto offices in Denver, San Francisco, and New York serve more than 300,000 businesses nationwide.

Our mission is to create a world where work empowers a better life, and it starts right here at Gusto. That’s why we’re committed to building a collaborative and inclusive workplace, both physically and virtually. Learn more about our Total Rewards philosophy.

About the Role:

Gusto is looking for a Privacy Program Manager to help develop and mature the objectives and strategy for our Privacy Program. Gusto is a fast-growing company with an increasing number of customers who trust us with highly-sensitive, personally identifiable information (PII) and protected health information (PHI) about themselves and their employees when they sign up for or use our services. As a result, safeguarding our customers’ data privacy is a top consideration in everything we do here at Gusto. This requires Gusto to be innovative, forward thinking, and transparent about privacy and our commitment to compliance. While reporting to our Global Head of Privacy, this person will play a critical support role in creating, implementing, and driving internal adoption of the Privacy Program here at Gusto.

About the Team:

You will be joining the Legal & Compliance team at Gusto, reporting to the Global Head of Privacy and helping to fine tune and mature Gusto’s Privacy program as a whole. You will work closely with members of the Legal team, as well as various cross-departmental partners throughout the business.

Here’s what you’ll do day-to-day:

• Be a cross-functional champion for Privacy and data protection within Gusto
• Support the design, creation, and implementation of key Privacy Program initiatives that deliver best in class privacy practices
• Develop and enhance privacy policies, procedures, and documentation to ensure continued compliance with relevant regulations and standards
• Work as part of a cross-functional team to deliver best-in-class privacy and data-protection training initiatives
• Help develop and deliver regular and high-value privacy communications and messaging to various departments
• Prepare and deliver privacy training and awareness programs for employees across the organization
• Conduct Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) for new projects and initiatives
• Identify and implement operational improvements to embed privacy and data protection in the way teams work at Gusto
• Support adoption of operational privacy processes through discussion and coordination with stakeholders across the company
• Work with legal and other teams to review and track privacy and data protection compliance through project lifecycles
• Assist in monitoring and responding to privacy-related inquiries and incidents, including data breaches and Subject Access Requests (SARs)
• Assist in conducting periodic audits and assessments of privacy controls and processes
• Support and manage various privacy related projects

Here’s what we're looking for:

• Bachelor's degree in Business, Legal Studies, Information Technology, or a related field; J.D. from an accredited law school preferred
• 4+ years of work experience in privacy or technology law, financial services, healthcare, or other related fields
• Proven track record of breaking down processes and identifying key pain points in order to deliver business improvements at local, regional and global levels
• Proven track record of collaborating with cross-functional groups to set objectives and produce results
• Experience managing, organizing, and coordinating projects and process-improvements in a program
• Thorough understanding of privacy laws, regulations, and standards, including but not limited to CCPA, HIPAA, GDPR, NIST, and other relevant data protection frameworks
• Familiarity with emerging trends and technologies in the field of data privacy and protection.
• Knowledge of information security principles and practices, including encryption, access controls, and data breach response protocols
• Understanding of risk management principles as they pertain to data privacy and protection
• Strong analytical skills with the ability to assess complex situations and formulate effective solutions
• Proficiency in project management methodologies, including planning, execution, and monitoring
• Skilled in building and maintaining collaborative relationships with stakeholders at all levels of the organization
• Strong communication skills and a proven ability to educate, inspire, and drive support for the Privacy function
• Strong problem solving skills to evaluate solutions and then empower others to deliver
• CIPM, CIPP/US, CIPP/E, or other relevant privacy certifications
• Collegiality, accountability, a sense of humor

Our cash compensation amount for this role is targeted at $112,000/yr - $138,000/yr in Denver & most major metro locations, and $136,000/yr - $168,000/yr for San Francisco & New York. Final offer amounts are determined by multiple factors including candidate location, experience and expertise and may vary from the amounts listed above.

Gusto has physical office spaces in Denver, San Francisco, and New York City. Employees who are based in those locations will be expected to work from the office on designated days approximately 2-3 days per week (or more depending on role). The same office expectations apply to all Symmetry roles, Gusto's subsidiary, whose physical office is in Scottsdale.

Note: The San Francisco office expectations encompass both the San Francisco and San Jose metro areas.

When approved to work from a location other than a Gusto office, a secure, reliable, and consistent internet connection is required.

Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Gusto.

Gusto is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex (including pregnancy, childbirth, or related medical conditions), marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic. Gusto considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. Gusto is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. We want to see our candidates perform to the best of their ability. If you require a medical or religious accommodation at any time throughout your candidate journey, please fill out this form and a member of our team will get in touch with you.

Gusto takes security and protection of your personal information very seriously. Please review our Fraudulent Activity Disclaimer.