Data Protection Officer

Our Blueprint (Company Overview)

Built for Belonging (Why You'll Love Working Here)

Here’s why you’ll love working here:

• Access to competitive compensation & benefits that reward your contributions.
• Participation in employee recognition programs to celebrate achievements big and small.
• Exposure to professional development & learning initiatives to help you build your own path.
• Foundation built on values anchored in Accountability, Team, Urgency, Respect, Integrity, and Innovation.
• Opportunities for global exposure work alongside talented colleagues across India, Singapore, the UK, and the US, expanding your perspective and network.
• Invitations to yearly team offsites to connect, collaborate, and strengthen relationships in person.
• Leverage a lifestyle spending account benefit so you can choose your own wellness and work-from-home perks.

Our commitment to you:

• Our aspiration: A culture where every person feels confident navigating their unique path and inspired to grow every step of the way.
• Our support: Meeting you where you are, empowering your growth with clarity, support, and purpose.
• Our promise: Your growth is yours to lead, but never a journey you take alone.

Driven to Deliver (What You'll Do)

• Own and manage the day-to-day execution of Madison Logic's security and compliance program, ensuring all objectives are met on schedule
• Develop, maintain, and enforce information security and data privacy policies, standards, and procedures, ensuring they reflect current regulatory requirements, industry best practices, and organizational needs
• Conduct regular policy reviews and updates in response to changes in legislation, business operations, or the threat landscape
• Lead customer and sales-facing security and privacy engagements, including responding to security questionnaires, reviewing contract terms, and negotiating Data Processing Agreements to ensure alignment between commitments, capabilities, and compliance obligations
• Partner with Legal to draft, review, and negotiate DPAs, MSAs, and other contractual agreements to ensure security and privacy obligations are accurate, enforceable, and operationally achievable
• Serve as the primary point of contact for all information security and data privacy requests, ensuring timely and thorough resolution
• Drive and manage global compliance efforts across SOC 2, GDPR, CCPA, and other applicable privacy regulations, including control monitoring, evidence collection, and audit readiness
• Own the vendor risk management program, conducting security and privacy assessments of new and existing vendors and tracking remediation of identified risks
• Plan, coordinate, and manage internal and external security audits from preparation through remediation
• Maintain and govern all documentation related to security compliance, systems accreditation, and management controls, ensuring accuracy and availability for stakeholders
• Evaluate and improve IT security and privacy training and certification programs to address current threats and maintain compliance with applicable policies, laws, and regulations
• Lead information security analysis and planning efforts, driving process improvements and configuration recommendations across the organization

Equipped to Excel (Qualifications)

• B.S. Degree in Computer Science, Computer Information Systems, or related field desired
• 8+ years of experience building, implementing, and managing an IT Security and Data Privacy program
• Demonstrated experience developing, maintaining, and enforcing IT Security and Data Governance policies, standards, and procedures
• Experience partnering with Legal counsel to draft and negotiate DPAs, MSAs, and privacy-related contractual terms
• 4+ years of hands-on audit management experience across one or more of the following: GDPR, CCPA, SOC 2, ISO 27001, PCI, COBIT, NIST, CIS, HIPAA
• Working knowledge of penetration testing tools, AWS network security and IAM, perimeter security, application firewalls, single sign-on, Active Directory policy, SIEM, anti-malware, VPN, email security, key management, incident management, risk assessment, log management, change management, backup and disaster recovery, and highly available and distributed infrastructures
• Working knowledge of data subject privacy rights, PII data handling, data protection and cookie laws, data transmission and encryption requirements, data access controls, data retention and destruction, vendor assessment questionnaires, data privacy impact assessments, data breach response, and other cyber incident response procedures

Distinct by Design (What Sets You Apart)

• Self-Sufficient and proactive nature, able & comfortable "figuring things out", resorting to escalation only when after exhausting all other options
• Strong analytical and quantitative skills
• Excellent attention to detail & organizational skills
• Team members are encouraged to work collaboratively with an emphasis on results, not on hierarchy or titles.

Your Next Chapter

If you’re excited about helping clients succeed, love the idea of working at the forefront of marketing innovation, and want to be part of a team where integrity, respect, innovation, urgency, and accountability aren’t just words — they’re how we show up every day — then let’s talk.