Job Description

Principal - Data Privacy

Corporate Office
5501 Headquarters Dr
Plano Texas 75024
Job ID:
Job Description:


The Principal-Data Privacy, provides leadership and privacy expertise to develop and manage the privacy program across the enterprise. Additionally, the role is responsible for leading strategic privacy initiatives, interfacing with senior executives, and driving the privacy program within the Information Security Steering Committee. The Principal-Data Privacy, must maintain strong working relationships with business leaders throughout Rent-A-Center.



  • Refine, enhance, and scale company-wide privacy compliance operating processes
  • Provide solution-focused privacy guidance to product, business, engineering, and other cross-functional teams
  • Design, implement and maintain scalable privacy compliance operations with documented goals, objectives, activities, and metrics, including metrics that measure and improve the effectiveness of privacy controls.
  • Ensure the company’s technological processes, products and services comply with all privacy requirements, laws, and regulations.
  • Identify potential privacy and information security risks and provide practical risk-mitigation solutions.
  • Work closely with the products team to understand their perspectives, processes, applications, projects, and technologies to ensure compliance with applicable privacy laws, regulations, and industry best practices while guiding the teams to the desired goals.
  • Handle special projects related to privacy compliance, as requested
  • Prepare governance reporting capabilities to guide discussion with business and IT leaders in the context of the Information Security Steering Committee.
  • Create regular governance reporting on privacy compliance.
  • Able to navigate and contribute to Rent-A-Center’s dynamic coworker community, challenging others where appropriate for the success of Rent-A-Center and our customers.
  • Drives a culture of community and inclusion across the greater organization.
  • Advances RAC’s Mission of “Improving the quality of life for our coworkers and our customers.”



  • D. degree from an ABA-accredited law school is preferred, but the company will consider strong privacy professionals without a J.D.
  • 6-8 + years of strong privacy experience with significant experience in privacy compliance operations
  • Minimum of 1 year experience managing a team, preferred
  • Experience designing, implementing and maintaining scalable privacy compliance operations with a proven track record of success.
  • In-house experience at a Retail or Financial Services company is strongly preferred.
  • Significant experience advising on a range of privacy issues, regulations, and industry standards
  • Expertise in privacy issues impacting the cybersecurity and privacy industry, including self-regulatory guidelines, privacy issues, and legislation, and global privacy laws & regulations (e.g., GDPR, CCPA/CPRA, and other data protection frameworks)
  • Experience developing and implementing structure and best practices while maximizing productivity in a fast-growing corporate environment.
  • Able to communicate security and risk-related concepts to both technical and non-technical audiences
  • Ability to inspire and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals, an innovative leader, problem solver, and consultant.
  • Ability to evangelize IT security to make it a critical part of business operations; build trust and respect for the security function.
  • Excellent written and verbal communication, interpersonal and collaborative skills.
  • Experienced with contract and vendor negotiations.
  • Ability to effectively prioritize and execute tasks in high-pressure situations.
  • Knowledge of security, risk and control frameworks and standards
  • Understanding cloud, SaaS, and IoT architectures and their implications on information security strategy.
  • Security acumen and experience including but are not limited to governance, risk, compliance, privacy, SOX, and PCI
  • Ability to handle confidential matters
  • Professional privacy and security management certification is strongly desirable, such as Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials.
  • Knowledge of common information security management frameworks like NIST, 800-53, and Cybersecurity Framework is strongly desirable.


Not what you’re looking for?

Try a new search!