Build and lead high-performing teams across risk, compliance, privacy, and continuity functions
Serve as a trusted advisor to executive leadership, providing strategic guidance on risk, compliance, and resilience matters
Direct the global operational Risk Management function, including disaster planning, environmental, and operational risk
Develop and execute enterprise risk assessment routines and mitigation strategies
Establish governance structures and ensure risk-related policies and procedures are updated and consistently implemented across all lines of business
Build awareness and influence stakeholders at all levels to drive risk management initiatives
Serve as the enterprise Chief Compliance Officer, overseeing the development and execution of a comprehensive compliance strategy
Ensure adherence to all applicable federal, state, and international regulations
Monitor compliance performance, report to executive leadership and the board, and oversee audits, investigations, and corrective actions
Develop and maintain compliance policies, procedures, and training programs
Lead the global Privacy Program; define and execute the vision and strategy for program maturation, ensuring compliance with domestic and international privacy laws (e.g., HIPAA, CCPA, GDPR)
Oversee privacy risk assessments, incident response, and implementation of privacy-by-design practices
Collaborate with technology and business leaders on emerging risks related to AI, adtech, and data governance
Lead the enterprise Business Continuity Program, including framework design, business impact analyses, recovery strategies, and crisis management
Oversee disaster recovery planning in partnership with technology teams
Ensure continuity plans are tested, maintained, and aligned with regulatory requirements and industry best practices
Provide executive oversight for incident response efforts, ensuring coordinated and effective management of disruptive events
Develop and manage departmental budgets and ensure efficient resource allocation
Promote a culture of collaboration, transparency, and continuous improvement across the enterprise in collaboration with other risk-focused business areas such as Cyber Security, Internal Audit, and Global Security
Job Specifications
Typically has the following skills or abilities:
Bachelor’s degree in Business, Law, Risk Management, or related field or equivalent experience; advanced degree preferred
15+ years of progressive leadership experience in risk management, compliance, privacy, and/or business continuity within complex, global organizations
10+ years’ experience with clear progression to senior leadership/management roles, leading and motivating cross-functional, interdisciplinary teams to achieve strategic goals
Proven success in developing and executing enterprise-wide strategies and leading cross-functional teams
Expert knowledge of regulatory compliance, privacy laws, risk management frameworks, and business continuity standards
Strong strategic planning, analytical, and problem-solving skills
Exceptional communication and interpersonal skills; ability to influence at all organizational levels
Demonstrated ability to manage crises, drive change, and inspire confidence
Certifications such as CHC, CIPP, CBCP, or similar are highly desirable
VSP Vision is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to age, gender, race, color, religion, sex, national origin, disability or protected veteran status. We maintain a drug-free workplace and perform pre-employment substance abuse testing.
Unincorporated LA County Residents: Qualified Applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act, and any other similar laws.
Notice to Candidates: Fraud Alert - Fake Job Opportunity Solicitations Used to Collect Fees/Personal Information.
We have been made aware that fake job opportunities are being offered by individuals posing as VSP Vision and affiliate recruiters. Click here to learn about our application process and what to watch for regarding false job opportunities.
As a regular part of doing business, VSP Vision (“VSP”) collects many different types of personal information, including protected health information, about our audiences, including members, doctors, clients, brokers, business partners, and employees. VSP Vision employees will have access to this sensitive personal information and are required to follow Information Security and Privacy Policies.