Principal Customer Privacy Specialist, Pacific Gas and Electric Company, San Francisco, CA

Department Overview

In Customer Care we are focused on delivering the desired customer experience for each of our customers. Everything we do starts with the customer and our information about the customer.  That information is collected and managed by our Customer Experience Strategy group. Each of our organizations, though completely dependent upon each other, are the experts in their area and will further drive PG&Es alignment around the customer.

The Customer Care Regulatory Policy & Compliance team is a Customer Care department that is responsible for regulatory policy and strategy across Customer Care and, in some instances, across PG&E overall. Key functional groups include Risk & Compliance, General Rate Case (GRC), Privacy, Tariff Interpretation, Records and Project Management, and Regulatory Policy.

Position Summary

This position is in the Privacy team and provides subject-matter guidance and support to the enterprise to ensure the understanding of risks, threats, appropriate controls, effective business processes, and important strategies related to customer and employee privacy and data. The focus is on safeguarding data privacy through comprehensive privacy and data access governance, training and awareness activities, control enhancement and monitoring, risk assessments, data loss investigations, and policy development. This position will work across the enterprise to generate awareness of privacy requirements and PG&E standards, solicit input on how data is used (access, collection, storage, use, disclosure, and disposal),

and provide guidance to departments during business process development and reviews. This role will support the CPO in development of executive strategies and activities designed to ensure the security of personal information.



  • Bachelor’s degree in business administration or job related field or equivalent work experience
  • 10 years of relevant business experience, including four years of data privacy experience


  • Master’s or advanced degree
  • Privacy Professional Certification (CIPP/US; CIPP/IT; CIPM)
  • Resolution of complex regulatory and business problems
  • Prior utility or other highly regulated industry experience
  • Acts as a thought leader, applying extensive unique subject matter expertise in the development of strategy or resolution of complex issues
  • Passion for/interest in privacy/data policy/strategy
  • Experience with project management
  • Strong analytic capabilities
  • Excellent written and verbal communication skills with ability to explain complex issues in clear and concise terms
  • Superior time management, planning, and organizational skills
  • Exceptional interpersonal skills, including teamwork, facilitation and negotiation
  • Highly collaborative, with ability to work cross-functionally and possessing the ability to forge relationships and partner effectively
  • Ability to work on complex regulatory and business problems


  • Work independently to provide guidance on complex policy issues with enterprise impact, leveraging internal/external contacts to pressure test and refine solutions to mitigate risk and to drive privacy and data incident response and innovative resolution
  • Review and/or create internal and external procedures and controls for access to enterprise customer data to ensure compliance with all relevant privacy and data protection laws and contractual commitments.
  • Maintain and create internal privacy policy documents including but not limited to PG&E’s Customer Privacy Standard and other privacy-related policies, standards, and procedures.
  • Identify continuous improvement opportunities.
  • Identify and analyze relevant privacy and data protection issues including required privacy notices, regulatory filings, relevant process and infrastructure requirements, and industry trends and best practices.
  • Develop and maintain relationships with other industry professionals.
  • Works closely with the Law Department on review and negotiation of applicable privacy and data protection language for affiliate, vendor, and customer agreements.
  • Mentor developing team members.
  • Take on delegated management task to develop management skills.
  • Provide subject-matter expert guidance to department leaders.

Application Submission Information: