Chief Privacy Officer, The Estée Lauder Companies Inc., New York, New York

Position Overview:

  • Bachelor degree required. J.D. or lAPP Certifications such as CIPP/US, CIPP/IT and/or CIPP/M a strong asset. 
  • Minimum of 10 years of experience in a role focused on data privacy compliance. 
  • Prior management experience strongly preferred. 
  • Deep understanding of U.S. and International privacy laws, regulations and best practices. 
  • In-depth knowledge and experience on building, leading and maintaining privacy programs is required. Proven track record of policy and process development, implementation and management.
  • Experience and skill at writing policies and guidance documents supporting various business activities and conducting investigations. 
  • Demonstrated ability to learn quickly, prioritize multiple urgent tasks, and deliver results. 
  • Strong knowledge and interest in emerging technologies and a strong understanding of information systems and related security requirements.
  • Team oriented and able to build strong cross-functional relationships and influence others without direct line reporting authority.
  • Comfortable representing the organization for all privacy related matters.


  • Develop and execute overall global privacy strategy and serve as the key privacy resource for the Company.
  • Design and establish a global privacy management program, including processes for the completion of personal information inventories, privacy impact assessments, and updating privacy policies and procedures. Ensure ongoing monitoring, auditing, reporting and evaluation of the privacy management program. 
  • Develop and implement vendor management program to ensure appropriate vetting and auditing of vendors for compliance with Company-wide privacy requirements. 
  • Supervise and develop Global Privacy Office staff and oversee local privacy liaisons in each region. 
  • Coordinate with privacy counsel, global information systems and other business stakeholders to ensure existing and new products, services and processes comply with applicable privacy requirements. 
  • Develop global privacy training materials and other communications to increase employee understanding and awareness of privacy issues and conduct initial and on-going global privacy training. 
  • Maintain knowledge of and monitor developments in global privacy requirements and best practices. 
  • Manage privacy complaints, breaches and investigations by privacy regulatory authorities. 
  • Oversee response to consumer and employee information access and deletion requests. 
  • Work with government affairs to develop relationships with regulators and government officials responsible for privacy and data security matters, as well as relevant consumer organizations. 
  • Ensure all processing and/or databases are registered with the local privacy/data protection authorities where required. 
  • Review all system-related information security plans to ensure alignment between security and privacy practices. 
  • Serve as the Company’s spokesperson for media and other external inquiries about privacy-related matters. 
  • Oversee Company appointed local privacy liaisons in each region. 

Application Submission Information:

Please apply directly on our ELC Careers Webpage at