Director Risk and Compliance (Data Privacy & Regulatory Compliance) - Anywhere Real Estate : Job Details

JOB SUMMARY

As a key member of the Global Information Security team, the Director of Risk & Compliance (Data Privacy and Regulatory Compliance) will lead global data privacy and compliance initiatives across Product & Technology. This strategic role involves embedding privacy-by-design and regulatory compliance into the design, development, and operation of technology systems and products. The Director will ensure data handling practices and information systems comply with regulations such as HIPAA, PCI, GDPR, and NYDFS, and maintain audit standards like SOC 1 Type I and II through technical controls, risk management, and governance frameworks.

KEY RESPONSIBILITIES

• Embed Privacy and Security: Work with engineering and product teams to integrate privacy-by-design and security principles into system development lifecycles.

• Translate Regulations: Convert complex regulatory requirements (e.g., HIPAA, PCI, GDPR, NYDFS) into actionable controls.

• Ensure Audit Readiness: Prepare for and adhere to audit standards, including SOC 1 Type I and II, PCI, and NYDFS, ensuring controls for financial reporting.

• Monitor Regulatory Changes: Stay updated on global regulations, assess their impact, and advise stakeholders.

• Cross-Functional Collaboration: Partner with Legal, Risk, and Compliance teams to interpret and implement regulatory and audit requirements.

• Ensure Compliance: Oversee adherence to laws, regulations, and industry standards through governance and controls.

• Oversee data protection impact assessments (DPIAs) and proper handling of personal data.

• Establish metrics and KPIs to measure Data Privacy and Compliance initiatives.

• Champion a Compliance Culture: Chair the Global Data Privacy Steering Committee and foster a culture of data privacy, compliance, and audit preparedness.

• Advise on Data Protection: Serve as an expert on data protection controls, regulatory readiness, and audit strategies.

QUALIFICATIONS

• Proven expertise in global data privacy and compliance, with knowledge of CCPA, HIPAA, PCI, GDPR, NYDFS, and SOC standards.

• Ability to stay current with evolving regulations and privacy trends.

• Experience leading teams, conducting audits, risk assessments, and managing privacy programs in complex environments.

• Strong understanding of technical controls, risk management, and security governance.

• Experience collaborating with cross-functional teams to operationalize compliance.

• Exceptional communication skills for translating complex requirements.

• Strategic mindset to advise senior leadership.

• Analytical skills for risk assessment and solutions implementation.

• Bachelor's degree in a related field; advanced degrees or certifications preferred.

• 8-10 years of experience in data privacy, compliance, or related tech fields, with at least 5 in leadership.

• Certifications (preferred): CIPP/US, CIPP/E, CISSP, CISA.

Anywhere Real Estate Inc. ( is moving real estate forward. We support nearly 1 million transactions annually across more than 118 countries, with industry-leading brands such as Better Homes and Gardens Real Estate, Century 21, Coldwell Banker, and others.

At Anywhere, we empower everyone's next move—including your career. We value talent, growth, and a people-first culture rooted in empowerment, innovation, and collaboration. Learn more in our Impact Report.

We are recognized as a Great Place to Work, Forbes World's Best Employers, and more. EOE including disability/veteran.