Together with the Chief Legal Officer and General Counsel, you will assist in developing and driving Company-wide data privacy and IT-security initiatives. You will evaluate and mitigate risk for the organization in matters related to global privacy laws and regulations, across all aspects of domestic and international development and operations, data and analytics, IT, marketing, human resources, learning and development, finance, and in special projects as assigned by the Chief Legal Officer and General Counsel. You will also support and help manage Orangetheory’s privacy program globally, as well as the Company’s cybersecurity and PCI compliance initiatives, while ensuring conformity with applicable laws and regulations (including, but not limited to, CCPA and GDPR) in an efficient and proactive manner. You will lead regulatory projects, conduct compliance and governance training, monitor relevant organizational operations, conduct internal assessments, and provide legal guidance to internal and external stakeholders as and when necessary.
- Provide leadership and support to various privacy-related programs and IT initiatives at Orangetheory.
- Ensure applicable privacy and security requirements are properly incorporated into Company policies, procedures, and other controls.
- Lead privacy and security compliance assessments and advise on associated legal issues.
- Review and negotiate data privacy and processing, IT-security, and SaaS agreements to ensure terms, conditions, and obligations are suitable to the organization and the designated business stakeholders.
- Keep abreast of changes in law and educate Orangetheory internal stakeholders on any related gaps in order to properly address all requirements for compliance.
- Participate in cross-functional and other departmental meetings, as and when needed.
- Provide other support, as necessary, as directed by the Chief Legal Officer and General Counsel, including without limitation, supporting any requirements for product and platform monitoring.
- Identify new or changing risk factors impacting the organization’s privacy profile, including legal and regulatory requirements, evolving technologies, and internal processes.
- Oversee enterprise risk and impact assessment processes and recommend mitigation strategies and responses.
- Develop and publish new policies, procedures, and guidelines to communicate the organization’s privacy principles and requirements and support compliance with legal, regulatory, and transactional requirements.
- Identify appropriate assessment criteria and coordinate the performance of assessments of the organization’s business functions and stakeholders, including third parties as appropriate. Manage ongoing compliance monitoring efforts and metrics development.
- Lead efforts to identify, develop and integrate all consumer-related privacy requirements and processes into enterprise products and services. Serve as escalation stakeholder for all consumer requests and complaints.
- Create and deliver privacy-related training programs and awareness campaigns to support the understanding of requirements and compliance with the organization’s privacy policies and procedures.
- Oversee a privacy breach response program working with security, technology, and functional resources to maintain an enterprise-wide privacy breach response function supported by proper resources and effective processes.
- Bachelor’s degree and JD from an accredited institution
- Licensed attorney in the State of Florida (or ability to obtain House Counsel Certification immediately upon hire).
- At least 5 years legal experience, with at least 2/3 years primary experience with privacy and IT-security compliance.
- Significant experience assessing, building, and implementing privacy compliance initiatives.
- Deep knowledge regarding generally accepted privacy principles (i.e., CCPA, GDPR, etc.).
- Understanding of cybersecurity and PCI compliance.
- Multi-jurisdictional compliance experience preferred, particularly involving the United States, Canada, Australia, China, Japan, EU, and the UK.
- Proven ability to provide practical guidance and solutions with a view towards optimization, efficiency, and compliance as a business advantage.
- General understanding of IT systems and concepts, SaaS agreements, and a working knowledge of SAP or similar ERP system.
- Demonstrated collaborative and relationship building skills, with an ability to work well within a dynamic, matrixed organization and ambiguous environment.
- CIPP/US, CIPP/EU, CIPM, or equivalent professional certification strongly preferred.
Why Join Orangetheory Corporate?
- We offer a competitive salary along with exceptional benefits such as:
- Free workouts at corporate studios
- Healthcare Benefits: Medical, Dental, Vision among many other supplemental benefits
- Employer Paid Benefits: Long-Term Disability and Life Insurance
- Paid Time Off
- Holiday Pay
- Parental Leave Pay
- State-of-the-Art Wellness Center at Corporate Headquarters
- 401k Plan with Employer Contribution
- Team Building, Employee Engagement activities and so much more.
Our Company provides equal employment opportunity to all individuals regardless of their race, color, creed, religion, gender, age, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by state, federal, or local law. Discrimination of any type will not be tolerated.
Jobs That Make a Real Difference
Orangetheory is a science-based, full-body workout that uses technology to measure performance so members can prove they are improving. In a 60-minute class, led by a highly trained and certified coach, members target at least twelve minutes in the Orange Zone to raise their heart rate and charge up metabolism. The result is an increase in calorie burn post-workout, backed by the science of excess post-exercise oxygen consumption (EPOC). After twelve minutes of hard work in the Orange Zone, your body burns additional calories as you recover over the next 24 hours.
For us, physical fitness transcends weight loss and bikini season. Fitness is a way of life -- in fact, our brand purpose is to help people live longer, more vibrant lives. When we help our members to put in the work at our studios, they will experience benefits in their day-to-day. They will be physically stronger, but beyond that, they will notice improvements to their mood, cognition, sleep, and overall happiness and quality of life. This workout actually changes your body at the cellular level and has been known to help members through disease, chronic illness, depression, and even heartbreak and the loss of loved ones. They’ll simply have the energy to play with their grandchildren, run a 5K, or go hiking. When we can help our members to take care of their body and mind, amazing things can happen. More Orangetheory, More LIFE.
Diversity, Equity and Inclusion
Orangetheory is committed to encouraging, facilitating and upholding an environment centered on diversity, equity and inclusion across every facet of the Orangetheory brand. We will work to create a sustainable culture that supports a healthy space for learning and growing, valuing and empowering every employee, inspiring a diverse franchise network, and uplifting the members and communities we serve. Click here to see more about Diversity, Equity and Inclusion at Orangetheory.
(if you already have a resume on Indeed)