Data Privacy Officer

Salary: $100,000 Location Type: Remote Employment Type: Full-time

Position Overview

Resource Innovations is seeking a highly skilled and motivated Data Privacy Officer to join our dynamic team. This role is crucial for leading efforts to align privacy practices with security frameworks such as ISO 27001 and SOC 2, ensuring regulatory compliance and audit preparedness. You will work closely with security, legal, and compliance teams to oversee data handling practices, conduct risk assessments, and drive privacy-by-design initiatives. This position will play a critical role in strengthening our data governance program, minimizing privacy risk, and supporting ongoing information security audits.

Responsibilities

• Develop and maintain organizational privacy policies aligned with ISO 27001 Annex A controls.
• Oversee implementation of data protection controls in support of ISO 27001 certification objectives.
• Lead privacy components of SSAE-18 (SOC 1/SOC 2) audits, including evidence collection and control testing.
• Conduct and document Data Protection Impact Assessments (DPIAs) for systems handling personal or energy usage data.
• Monitor compliance with client-specific privacy requirements.
• Provide privacy input during vendor onboarding and support third-party risk assessments.
• Collaborate with IT and InfoSec to ensure data lifecycle practices align with ISO 27001 data classification and handling standards.
• Advise internal teams on “privacy by design” principles in program and product development.

Requirements

• Strong understanding of global and U.S. data privacy laws and regulations.
• Demonstrated experience interpreting and applying privacy requirements in both legal and technical contexts.
• Hands-on experience supporting ISO 27001 certification efforts, with a focus on Annex A control implementation.
• Familiarity with SSAE-18 (SOC 1/SOC 2) audit frameworks, including privacy-related trust criteria.
• Proven ability to lead or contribute to privacy impact assessments (PIAs/DPIAs) in technical environments.
• Experience reviewing and enforcing data privacy policies, vendor agreements, and contractual clauses.
• Ability to collaborate with legal counsel, IT, and security teams to align data protection efforts across disciplines.
• Proficient in managing data subject rights requests and incident response processes involving personal data.
• Bachelor’s degree in Law, Information Security, IT, Political Science, Communications or related field; JD or Master’s degree a plus.

About Resource Innovations

Resource Innovations (RI) is a women-led energy transformation firm focused on impact. Building on our expertise in energy efficiency, we’re constantly expanding our portfolio of clean energy solutions to guide utilities through increasingly complex, connected challenges. Load flexibility. Electrification. Carbon reduction. With every step, we’re leading the charge to power change.

Resource Innovations is an Equal Opportunity Employer, committed to ensuring equal employment opportunities for all job applicants and employees without regard to race, color, religion, national origin, gender, age, disability, marital status, genetics, protected veteran status, sexual orientation, or any other protected status. In addition to federal law requirements, Resource Innovations complies with applicable state and local laws governing non-discrimination.