The Global Privacy Office (GPO) is part of the Global Technology (GT) team at Marriott Vacations Worldwide (MVW) which is on a multi-year journey to modernize technical and digital products and platforms across all business lines. As part of the GT team, the GPO is continuing to mature and morph to align to the changing ecosystem. This role requires an individual contributor with a strong background in privacy enhancing technologies, privacy controls, and data. The incumbent is a proven thought leader, a consensus builder, and an integrator of people, processes, and technology.  

Specific Job Summary 

The Senior Manager, Privacy Engineering reports to the Director, Data Privacy. This individual will play a key role in ensuring that privacy policies are correctly implemented through technical solutions. This role will align advanced technologies with Privacy by Design principles to support business objectives while ensuring compliance with global regulatory requirements. The position involves collaboration with product development, legal, compliance, data governance, and security teams to build privacy-centric systems and processes. 

The role requires a deep understanding of software engineering, privacy technologies, and data protection practices, ensuring the organization adheres to key regulations such as GDPR, CCPA, and other global privacy frameworks. 

Key Results 

• MVW privacy standards are aligned and implemented across all brand operations and technical implementations.   

• Privacy by Design is implemented and executed in a manner that promotes a culture of privacy from the inception of business initiatives. 

• Internal and external privacy risks are identified, assessed, and mitigated in accordance with the company’s risk threshold from a Privacy by Design perspective. 

Working Relationships 

• Global Technology Functional Leads 

• Data & Analytics 

• Internal Audit 

• Legal Counsel 

• Risk Management 

• Finance & Accounting 

• Procurement 

• Regulators in privacy 

Expected Contributions 

•  Performs complex quantitative and qualitative analysis for business processes and/or projects. Often manages large projects or business processes, either singlehandedly or in collaboration with broader teams. 

• Responds to, solves and makes decisions on complex/non-routine business requests with limited to moderate risk. 

• Responsible for own work and contributing to team, department and/or business results. May direct work of non-management staff. 

• Assists senior associates in achieving business results by: 

• identifying opportunities to enhance the effectiveness of business processes. 

• providing training and technical guidance to senior staff, where appropriate, and serving as point-of-contact for problem resolution. 

• participating in setting department operating plans. 

• recognizing and celebrating team successes. 

• achieving results against budget within scope of responsibility. 

• Demonstrates an awareness of personal strengths and areas for improvement and acts independently to increase skills and knowledge. 

• Performs other duties as appropriate. 

Specific Expected Contributions  

•  Develops and implements solutions to ensure privacy policies are correctly executed, supporting business data use while maintaining compliance. 

• Aligns advanced technologies and Privacy by Design principles from the outset of development processes. 

• Collaborates with data product development teams to integrate privacy features into new data-driven projects. 

• Works closely with internal privacy program managers, legal, compliance, governance, and data protection teams. 

• Designs and develop software enhancements for managing new data streams, focusing on mitigating privacy vulnerabilities. 

• Assists with managing data privacy, protection, usability, and overall integrity of privacy solutions. 

• Utilizes programming languages and modern technologies to develop and implement privacy-preserving solutions, including data anonymization, pseudonymization, and encryption. 

• Analyzes system requirements and perform necessary modifications to ensure privacy protection is embedded at all levels. 

• Collaborates with usability teams to ensure user-facing privacy controls are intuitive and effective. 

• Guides the development of new privacy-focused products and features. 

• Conducts regular privacy by design assessments, identifying and mitigating risks across the organization through tools, training, and guidance. 

• Communicates program progress, escalate issues, and provide analytical insights to key stakeholders. 

• Serves as a technical advisor to data science and analytics teams on privacy-related matters. 

Staff and Span of Control: 

• Staffed as an individual contributor.  

• Manages implementation and configurations of Privacy Enhancing Technologies.  Contributes to establishing organizational business objectives. 

Successful candidates should possess knowledge and experience and demonstrate strong leadership and relationship skills as follows: 

Generally, a professional position with specific knowledge and experience in a discipline (e.g., Accounting, Human Resources, Information Technology) as well as associate management experience.  College degree and/or relevant experience typically required. 

Specific Candidate Profile  

Education 

• Bachelor’s degree or 7 years of experience in privacy, technology, or related field (e.g. information assurance, human resource, health management, cybersecurity, computer science, business administration, project management, public policy, ethics, library and information services, or other related degree.) 

• Advanced degree in related field preferred 

Certifications Required 

• IAPP CIPT (or within the first year) 

Certifications Preferred 

• Data Privacy certification from IAPP (CIPT, CIPM, etc.) 

• ISACA CRISC or CDPSA 

• OneTrust Certification 

• Appropriate HIPAA Privacy certification 

Experience 

• At least 7 years of progressive experience in Information Technology, Security, Privacy, Legal, Audit or related fields of study 

Skills/Attributes 

•  Strong customer service focus and customer advocate. 

• Excellent organizational skills and ability to manage multiple projects. 

• Detail oriented; strives for excellence in all assignments. 

• Ability to work in a team environment and interact with all levels of the organization. 

• Excellent verbal and written skills. 

• Proven problem-solving skills. 

• Goal oriented; self-motivated. 

• Excellent analytical and problem-solving skills with the ability to assess and mitigate privacy risks. 

• Strong communication skills (both verbal and written) with the ability to influence stakeholders without direct authority. 

• Experience working with cross-functional, global teams to implement privacy-compliant solutions. 

• Deep understanding of software application design, programming languages, and development tools. 

• Knowledge of multiple operating platforms and software testing, debugging, and coding best practices. 

• Understanding of privacy engineering principles, including data anonymization and encryption techniques. 

• Competency in interpreting numerical data and statistical principles. 

• Strong data literacy skills, including data management, cleansing, and manipulation. 

• Ability to work with large datasets while maintaining privacy protections. 

• Analytical and Strategic Thinking 

• Develop and execute comprehensive privacy strategies aligned with corporate objectives and regulatory compliance. 

• Analyze global privacy trends, legal changes, and emerging risks to anticipate their impact on the hospitality industry. 

• Design metrics and KPIs to measure the effectiveness of privacy policies and initiatives. 

• Conduct privacy by design assessments and identify gaps in privacy compliance across operations. 

• Provide strategic guidance to integrate privacy considerations into new hospitality technologies and customer engagement strategies. 

Technical 

• Solid understanding of privacy laws and regulations, such as GDPR, CCPA, and APPI, and their operational implications. 

• Familiarity with privacy frameworks, data protection techniques (e.g. pseudonymization, encryption, anonymization, masking, etc.) and privacy-enhancing technologies (PETs). 

• Knowledge of data flows, data categories and their privacy impact to system configurations, human resource operations, marketing operations, and resort operations.  

• Collaborate with Global Tech teams to implement risk-mitigating controls. 

Project Management Skills 

• Lead privacy by design efforts to implement privacy best practices across multiple business units and geographic locations. 

• Ensure timely delivery of privacy initiatives, including audits, policy updates, and training programs. 

Interpersonal 

Communication:  

• Proven verbal and written communication skills to convey technical concepts to non-technical stakeholders in easy-to-understand ways. Able to contribute ideas that challenge assumptions and thinking.  

• Build relationships with stakeholders across marketing, operations, legal, and IT to foster a culture of privacy. 

• Communicate complex privacy concepts to non-technical audiences, including executives and frontline employees. 

• Customer Focus:  

• Commitment to a strong customer service orientation to understand and address internal client needs effectively. Ability to build empathy with key stakeholders in the course of their daily work. 

• Advocate for customer trust and transparency in all privacy-related communications and policies. 

• Collaboration:  

• Proven ability to collaborate within the Global Technology organization at all levels, vendors, and Managed Service providers to architect solutions and oversee successful project implementations.  

• Mediate between teams during privacy disputes or conflicting priorities, ensuring solutions that align with compliance. 

• Leadership Courage:  

• Ability to influence at all levels, lead, motivate, and inspire team members, driving successful implementation and adoption of group product features and solutions. 

• Serve as a trusted advisor to the leadership team on privacy matters, balancing business goals with regulatory requirements.  

Additional Attributes 

• Strong ethical foundation and commitment to upholding customer privacy and data security. 

• Proactive and adaptable in responding to the dynamic regulatory landscape of the hospitality industry. 

• Detail-oriented with a focus on accuracy and compliance in all privacy-related and tech-related documentation. 

• Learning: Commitment to, staying informed of emerging PETs, privacy standards, and industry best practices. 

• Adaptability: Flexibility to adapt to changing project requirements and organizational dynamics within a matrixed organizational structure. 

• Problem-Solving: Proactive approach to identifying and addressing potential issues before they escalate.