Privacy and Data Protection Manager

As the Privacy and Data Protection Program Manager you will be responsible for supporting the company’s global privacy and data protection programs. This role will ensure that 1Password complies with international, federal, and local data protection regulations, including the GDPR, PIPEDA, CCPA, and other relevant data privacy laws. The ideal candidate will be adept at legal research, compliance monitoring, and providing guidance on privacy-related matters. They will work closely with various internal teams, such as IT, HR, Marketing, and Operations, to implement and maintain effective data protection practices.

This role reports to the Senior Director of Privacy

This is a remote opportunity within Canada and the US.

What we're looking for:

• Bachelor's degree in Business, Legal Studies, or a related field; Juris Doctor from an accredited law school preferred.
• Experience working with privacy regulations such as GDPR, PIPEDA, CCPA/CPRA, and other regional or industry-specific privacy laws.
• 2-5 years of experience in a legal, compliance, privacy role, preferably in a company serving customers globally.
• Experience conducting privacy impact assessments, audits, or compliance monitoring.
• Strong attention to detail and ability to handle confidential information with discretion.
• Excellent written and verbal communication skills, with the ability to explain complex legal concepts to non-legal stakeholders.
• Problem-solving mindset and ability to work independently, as well as collaboratively within cross-functional teams.
• Strong organizational skills and ability to manage multiple tasks simultaneously in a fast-paced environment.

• Proficiency in legal research and privacy management tools.
• Strong understanding of data protection technologies and information security principles (e.g., encryption, pseudonymization, access controls).
• Familiarity with IT systems, databases, and data flow mapping.

Bonus points for:

• Ability to work with international teams and understand cross-border data transfer rules
• Work experience in Privacy, Data Protection, Compliance, or a related field for a te
• Privacy certification (e.g., Certified Information Privacy Professional (CIPP/C CIPP/US or CIPP/EU)

What you can expect:

Legal Research & Analysis

• Support research efforts on privacy-related legal developments, regulatory changes, and enforcement trends.
• Help analyze how changes in privacy laws may affect 1Password’s business operations.
• Collaborate with the commercial legal team in drafting and reviewing privacy-related agreements, including data processing agreements (DPAs) and vendor contracts.
• Monitor updates in data privacy laws and regulations and share insights with internal teams.
• Assist in developing and implementing internal privacy policies and procedures that align with legal requirements and industry standards.

Incident Management

• Help maintain accurate records of incidents and support compliance with the 1Password’s incident response plan.
• Assist in preparing data breach notifications for regulatory authorities and impacted individuals, as required.

Vendor Management

• Review and assess third-party service providers’ privacy practices to ensure alignment with the 1Password’s data protection standards.
• Advise on due diligence processes for onboarding new vendors, partners or customers, ensuring compliance with contractual and legal obligations.
• Support the management and organization of vendor data processing agreements and related documents.