Governance, Risk, and Compliance Specialist

Who we are :

Want to make an impact? Join our pack and come work (and play!) with us.

We believe everyone deserves the unconditional love of a pet-and at Rover, our mission is to make it easier to experience that love. Founded in 2011, the Rover app and website connect dog and cat parents with loving pet sitters and dog walkers in neighborhoods across the US, Canada, and Europe. We empower our community of trusted pet sitters and dog walkers to run their own pet care businesses on Rover with the tools and security of a global company to back them.

Headquartered in Seattle, Washington, we work closely with our teams in Barcelona, San Antonio, Spokane, and remote locations. We've got a reputation for being a great place to work, having been named among the 100 Best Companies to Work For in Seattle Business Magazine and Washington's Best Workplaces in the Puget Sound Business Journal. We're an agile, fast-growing company, and our leadership comes from some of the world's most respected tech companies.

At Rover, our furry coworkers are just as important as our human ones-and we wouldn't have it any other way. Along with making the joys of pet parenthood more accessible, we're committed to fostering a diverse, inclusive, and welcoming community of pet people-and that starts with our employees.

Who We're Looking For :

We are seeking a detail-oriented and proactive GRC Specialist to join our team at Rover. This role will support our efforts to ensure proper data governance, policy development, and regulatory adherence with a specific focus on global privacy regulations, including CCPA, GDPR, and other privacy laws. The ideal candidate will work closely with our legal and cybersecurity to ensure that our GRC practices are robust, effective, and compliant.

Your Responsibilities :

• Manage and Respond to Data Subject Requests Escalations (DSRs) : Handle customer escalations from CX around requests for data access, rectification, erasure, restriction, portability, and objections to processing, ensuring timely and compliant responses under CCPA, GDPR, and other regulations.
• Assist in Privacy Expertise and Guidance : Offer insights and best practices to internal stakeholders on privacy compliance, supporting a culture of privacy and data protection within the organization and new Rover companies.
• Policy and Procedure Development : Contribute to the development and maintenance of privacy and data governance policies, ensuring they are up-to-date with evolving regulatory requirements.
• Maintain Training Records and Key Learning Indicators : Track key learning indicator measures related to privacy compliance and maintain training records to ensure continuous improvement and awareness among staff.
• Assist in Developing Metrics to Track Success of Program : Specifically, we need someone who can help to develop strong metrics to track and report on the health / success of our privacy programs. This will be done in conjunction with our Privacy Program Manager to be reported out to our executives on the success or failure of the programs we develop.
• Apply project management skills to : plan, coordinate, and execute privacy compliance initiatives, ensuring tasks are delivered on time and stakeholders remain aligned to achieve results.
• Assist with Record of Data Processing Activities (ROPA) : Work with Legal counterparts to develop and maintain the ROPA, ensuring accurate documentation of data processing activities.
• Assist in Configuration and Customize Ketch Platform : Assist in configuration and customization to the Ketch privacy management platform, with Data Security Engineer, to meet the needs of the privacy program, including creating and refining workflows, assessments, and reports.
• Assist in Compliance Monitoring : Monitor and track compliance activities, including the effectiveness of privacy and data security controls, and provide regular reports to management.
• Support Data Privacy Audits : Assist in or conduct data privacy audits to identify and address vulnerabilities in data privacy processes, ensuring alignment with regulatory requirements.
• Governance Activities : Support the GRC team in maintaining records of data processing activities, conducting privacy impact assessments, and ensuring documentation is compliant with CCPA, GDPR, and other relevant regulations.
• Assist in Conducting Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) : Collaborate with Legal and Privacy Program Manager to evaluate and mitigate privacy risks through PIAs and DPIAs, supporting the privacy program's risk management efforts.
• Collaborate on Privacy Law Compliance : Partner with Legal and Privacy Program Manager counterparts and to ensure compliance with existing and emerging privacy regulations, providing insights on changes that impact the organization.
• Training and Awareness : Assist in developing training materials and programs to enhance employee awareness regarding privacy practices, data protection requirements, and internal policies.
• Incident Response Support : As necessary, aid in the documentation and investigation of data breaches or other security incidents, ensuring a swift and compliant response in collaboration with the Data Security Engineer and other stakeholders.

Your Qualifications :

Preferred Qualifications :

Benefits of Working at Rover.com :

Rover is an equal-opportunity employer committed to promoting a diverse, inclusive, and inventive environment with the best employees. We're driven by seeing our people succeed and grow, and we work to ensure everyone contributes to their fullest potential. We consider all qualified applicants without regard to age, race, color, ancestry, national origin, religion, disability, protected veteran status, sex, gender identity or expression, sexual orientation, or any other protected status in accordance with applicable laws, regulations, and ordinances. #J-18808-Ljbffr