Job Location: Rochester, NY, USA
JOB SUMMARY
As a key member of the Global Information Security team, the Director of Risk & Compliance (Data Privacy and Regulatory Compliance) will lead global data privacy and compliance initiatives across Product & Technology. This strategic role involves embedding privacy-by-design and regulatory compliance into the design, development, and operation of technology systems and products. The Director will ensure data handling practices and information systems comply with regulations such as HIPAA, PCI, GDPR, and NYDFS, while maintaining audit standards like SOC 1 Type I and II through technical controls, risk management, and governance frameworks.
KEY RESPONSIBILITIES
Embed Privacy and Security: Collaborate with engineering and product teams to integrate privacy-by-design and security principles into system development lifecycles.
Translate Regulations: Convert complex regulatory requirements (e.g., HIPAA, PCI, GDPR, NYDFS) into actionable controls.
Ensure Audit Readiness: Oversee preparation for audits like SOC 1 Type I & II, PCI, and NYDFS, ensuring robust controls for financial reporting.
Monitor Regulatory Changes: Stay updated on evolving regulations, assess impact, and advise stakeholders.
Cross-Functional Collaboration: Work with Legal, Risk, and Compliance teams to interpret and implement requirements.
Ensure Compliance: Oversee adherence to laws, regulations, and standards, including data protection impact assessments (DPIAs).
Establish metrics and KPIs to measure privacy and compliance initiatives' effectiveness.
Champion a Compliance Culture: Chair the Global Data Privacy Steering Committee and promote a culture of privacy and compliance.
Advise on Data Protection: Act as a subject matter expert on data controls, readiness, and audit strategies.
QUALIFICATIONS
Proven expertise in global data privacy and compliance, with knowledge of CCPA, HIPAA, PCI, GDPR, NYDFS, and SOC standards.
Ability to stay current with regulatory trends and privacy developments.
Leadership experience in managing teams, audits, risk assessments, and privacy programs.
Strong understanding of technical controls, risk management, and security governance.
Experience working with cross-functional teams to operationalize compliance.
Excellent communication skills to translate complex requirements.
Strategic thinking and advisory skills for senior leadership.
Analytical skills for risk assessment and solution implementation.
Bachelor's degree required; advanced degrees or certifications preferred.
10+ years in data privacy, compliance, or related tech fields, with 5+ years in leadership.
Certifications such as CIPP, CISSP, or CISA are preferred.
About Anywhere Real Estate Inc.: Anywhere Real Estate Inc. (NYSE: HOUS) is transforming real estate. We own brands like Better Homes and Gardens Real Estate, Century 21, Coldwell Banker, and more, operating in over 118 countries and supporting nearly 1 million transactions annually.
Our Culture & Values
At Anywhere, we empower everyone's next move—including your career. We value talent, growth, and innovation, fostering a people-first culture. Learn more in our Impact Report. We are recognized as a great place to work and a trustworthy, ethical company by organizations like Great Place to Work, Forbes, Newsweek, and Ethisphere.
EEO Statement: EOE including disability/veteran