Senior Vice President, Enterprise Risk Management, Compliance, Privacy & Business Continuity

Build and lead high-performing teams across risk, compliance, privacy, and continuity functions

Serve as a trusted advisor to executive leadership, providing strategic guidance on risk, compliance, and resilience matters

Direct the global operational Risk Management function, including disaster planning, environmental, and operational risk

Develop and execute enterprise risk assessment routines and mitigation strategies

Establish governance structures and ensure risk-related policies and procedures are updated and consistently implemented across all lines of business

Build awareness and influence stakeholders at all levels to drive risk management initiatives

Serve as the enterprise Chief Compliance Officer, overseeing the development and execution of a comprehensive compliance strategy

Ensure adherence to all applicable federal, state, and international regulations

Monitor compliance performance, report to executive leadership and the board, and oversee audits, investigations, and corrective actions

Develop and maintain compliance policies, procedures, and training programs

Lead the global Privacy Program; define and execute the vision and strategy for program maturation, ensuring compliance with domestic and international privacy laws (e.g., HIPAA, CCPA, GDPR)

Oversee privacy risk assessments, incident response, and implementation of privacy-by-design practices

Collaborate with technology and business leaders on emerging risks related to AI, adtech, and data governance

Lead the enterprise Business Continuity Program, including framework design, business impact analyses, recovery strategies, and crisis management

Oversee disaster recovery planning in partnership with technology teams

Ensure continuity plans are tested, maintained, and aligned with regulatory requirements and industry best practices

Provide executive oversight for incident response efforts, ensuring coordinated and effective management of disruptive events

Develop and manage departmental budgets and ensure efficient resource allocation

Promote a culture of collaboration, transparency, and continuous improvement across the enterprise in collaboration with other risk-focused business areas such as Cyber Security, Internal Audit, and Global Security

Job Specifications

Typically has the following skills or abilities:

Bachelor's degree in Business, Law, Risk Management, or related field or equivalent experience; advanced degree preferred

15+ years of progressive leadership experience in risk management, compliance, privacy, and/or business continuity within complex, global organizations

10+ years' experience with clear progression to senior leadership/management roles, leading and motivating, cross-functional, interdisciplinary teams to achieve strategic goals

Proven success in developing and executing enterprise-wide strategies and leading cross-functional teams

Expert knowledge of regulatory compliance, privacy laws, risk management frameworks, and business continuity standards

Strong strategic planning, analytical, and problem-solving skills

Exceptional communication and interpersonal skills; ability to influence at all organizational levels

Demonstrated ability to manage crises, drive change, and inspire confidence

Certifications such as CHC, CIPP, CBCP, or similar are highly desirable

#LI-VISIONCARE

Unincorporated LA County Residents: Qualified Applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act, and any other similar laws.

Notice to Candidates: Fraud Alert - Fake Job Opportunity Solicitations Used to Collect Fees/Personal Information.

We have been made aware that fake job opportunities are being offered by individuals posing as VSP Vision and affiliate recruiters.Click hereto learn about our application process and what to watch for regarding false job opportunities.

As a regular part of doing business,VSPVision ("VSP")collects many different types ofpersonal information, including protected health information, about ouraudiences, includingmembers, doctors,clients, brokers, business partners,andemployees. VSP Vision employees will have access to this sensitive personal information and are subject to follow Information Security and Privacy Policies.