PlayOn
Security
PrivacyProgramManager
Neural analysis suggests this role is
optimal for Mid candidates.
“Privacy Program Manager at PlayOn. Skills: privacy program governance, CCPA compliance, COPPA, Privacy Impact Assessments (PIAs), Records of Processing Activities (ROPA), vendor privacy risk assessments, GRC program. Own PlayOn's privacy program governance: CCPA, COPPA, and applicable state privacy laws as they apply. Drive compliance remediation work in partnership with Legal and external privacy counsel”
What You'll Achieve.
Own PlayOn's privacy program governance; Drive compliance remediation work; Conduct Privacy Impact Assessments (PIAs); Maintain Records of Processing Activities (ROPA); Oversee privacy processes; Participate in the Data Privacy Council (DPC); Maintain and update external-facing privacy policies, internal notices, and employee data handling guidelines; Conduct vendor privacy risk assessments; Support GRC program; Own the security questionnaire response process; Track and report privacy program metrics, open risks, and remediation progress
Industry & Context.
Conduct Privacy Impact Assessments (PIAs) for new products, features, and vendor relationships, surfacing real risk and driving resolution, not just documenting it; Ability to work across Legal, Data Governance, and Engineering, each with different incentives and vocabulary; approach decisions with a scientist's mindset; challenging your assumptions; remaining objective; consider long-term impact rather than relying on short-term gains; proactively seek others' perspectives
What They're Looking For.
Must Have
3–5 years of privacy program experience at a consumer-facing technology company, CCPA compliance experience, Working knowledge of COPPA and the practical implications for products serving minors or educational institutions, Experience conducting PIAs and privacy risk assessments that produce actionable decisions, not just documentation, Familiarity with data mapping and ROPA methodology, Comfortable working in a governance and oversight model, written communication: clear privacy notices, precise questionnaire responses, no marketing language, Ability to work across Legal, Data Governance, and Engineering, CIPP/US certification or actively pursuing one, GRC platform familiarity (Vanta, Hyperproof, Drata, or equivalent), Experience with additional U. S. state privacy laws (VCDPA, CPA, CTDPA, and others as they apply)
Nice to Have
COPPA operational experience for student or minor-facing consumer products is strongly preferred, PCI DSS familiarity is a plus
What You'll Do.
Own PlayOn's privacy program governance: CCPA
and applicable state privacy laws as they apply
Drive compliance remediation work in partnership with Legal and external privacy counsel
Conduct Privacy Impact Assessments (PIAs) for new products
and vendor relationships
Maintain Records of Processing Activities (ROPA) and the company-wide data validate accuracy across all three product platforms
Oversee privacy processes and ensure activities align with program requirements and are conducted within SLA
Participate in the Data Privacy Council (DPC) as the privacy program's subject matter expert
Maintain and update external-facing privacy policies
and employee data handling guidelines
Conduct vendor privacy risk assessments during onboarding and annual vendor reviews
including evidence collection for Compliance reports and audits
Own the security questionnaire response process for customer and prospect privacy inquiries
Track and report privacy program metrics
and remediation progress to the CISO
How You'll Work.
Team & Collaboration
Drive compliance remediation work in partnership with Legal and external privacy counsel; Participate in the Data Privacy Council (DPC); Ability to work across Legal, Data Governance, and Engineering; establishing processes and relationships with teams outside your own; rally around common goals; find win-win solutions; compromise when necessary; help others succeed
Communication Scope
written communication: clear privacy notices, precise questionnaire responses, no marketing language
Process & Methodology
Drive compliance remediation work, Oversee privacy processes, Track and report privacy program metrics, open risks, and remediation progress
Full Job Description
## In this role, you can expect to Own PlayOn's privacy program governance: CCPA, COPPA, and applicable state privacy laws as they apply. Drive compliance remediation work in partnership with Legal and external privacy counsel. Conduct Privacy Impact Assessments (PIAs) for new products, features, and vendor relationships, surfacing real risk and driving resolution, not just documenting it. Maintain Records of Processing Activities (ROPA) and the company-wide data inventory; validate accuracy across all three product platforms. Oversee privacy processes and ensure activities align with program requirements and are conducted within SLA. Participate in the Data Privacy Council (DPC) as the privacy program's subject matter expert. Maintain and update external-facing privacy policies, internal notices, and employee data handling guidelines. Conduct vendor privacy risk assessments during onboarding and annual vendor reviews. Support GRC program, including evidence collection for Compliance reports and audits, e.g. SOC 2 Type II. Own the security questionnaire response process for customer and prospect privacy inquiries. Track and report privacy program metrics, open risks, and remediation progress to the CISO. ## To thrive in this role, you have 3–5 years of privacy program experience at a consumer-facing technology company — operational track record, not just policy or legal advisory. CCPA compliance experience. Working knowledge of COPPA and the practical implications for products serving minors or educational institutions. Experience conducting PIAs and privacy risk assessments that produce actionable decisions, not just documentation. Familiarity with data mapping and ROPA methodology — you have built or maintained a data inventory before. Comfortable working in a governance and oversight model — advising and holding partner teams accountable rather than owning every operational process directly. Strong written communication: clear privacy notices, precise questionnai
Applying for this Privacy Program Manager role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Lever
- Lever uses a streamlined one-page form — apply in under 5 minutes.
- LinkedIn import works well; review parsed data before submitting.
- The cover letter field is optional but visible to reviewers — use it to differentiate.
- Referral codes from employees can significantly boost visibility of your application.
ANONYMOUS · UNFILTERED
What do employees actually say about PlayOn?
Real rants from real employees. Read before you apply.