Program Manager, Privacy


Posted Date
Job ID
Job Function
Information Technology
REI City
REI State
REI Location
Seattle HQ
Remote Eligible
Please visit the Covid-19 Hiring Updates before applying
What's cool about this job

At REI Co-op, we believe that a life outdoors is a life well lived. As an employee of REI, you will have the opportunity to shape what it means to be a Co-op Member. REI is more than an outdoor retailer – our members engage with us in experiences, content and community, advocacy and more.

We are looking for a Program Manager, Privacy to join our Privacy Operations team to build a monitoring and testing program of our large-scale privacy initiatives impacting multiple business units and stakeholders. This role will focus on driving methodologies to validate that the various privacy technical and organizational measures are being implemented by each business unit. The Program Manager, Privacy will help identify gaps or issues in REI’s Data Subject Request (DSR) process, Privacy Impact Assessment (PIA) reviews, and other privacy initiatives, then provide recommendations to address those gaps. This role will require the Program Manager, Privacy to provide operational execution of several large, cross-functional privacy initiatives in order to ensure REI is meeting its privacy obligations, while providing recommendations to address privacy gaps related to the privacy and protection of its members, customers, and employees across the company. This is a highly visible role that requires strategic thinking, excellent stakeholder management, communication skills and project management leadership.

In this role you will:

  • Design, prioritize, and execute ongoing monitoring and control testing against our privacy policies and standards
  • Audit specific areas of the privacy program to ensure compliance efforts are being met
  • Initiates, plans, implements and manages scope, schedule, cost and quality for individual project or program level efforts of large complex programs (cross-divisional, multi-year in nature)
  • Effectively communicate and interface with internal stakeholders, as well as colleagues and business partners
  • Work directly with REI architects, program managers, project managers, and other stakeholders to make sure that REI businesses are compliant with Privacy standards.
  • Support continuous testing of privacy controls
  • Provide assistance with any Audit reviews and safeguard testing by internal and external teams
  • Analyzes and evaluates project interdependencies and their impacts to the program
  • Conduct compliance reviews to determine the efficiency of business line processes and controls in a timely manner
  • Decisively makes sound decisions when faced with ambiguity and uncertainty
  • Drive excellence through identification and execution of opportunity areas that create efficiency, remove obstacles, or create improved processes and approaches to the business
  • Works cross functionally with business partners, IT, vendors and other teams to ensure successful execution of the Monitoring and Testing program
  • Assess whether the current privacy control framework meets regulatory expectations, report and present findings and observations, collaborate and strategize to solve deficiencies
  • Develops and executes program roadmap and/or project plans
  • Communicates status of program and projects to management and stakeholders on a regular basis
  • Develops and executes comprehensive change management plans in partnership with the project team and leaders of impacted areas
  • Monitors performance of independent contractors and vendors providing services or products that impacts REI’s Monitoring & Testing Privacy Program
  • Develops strong collaborative relationships with cross divisional partners to achieve positive project outcomes
  • Establishes trust and inspires others to drive cross functional initiatives
  • Foster the advancement of project management methodologies, best practices and standards
  • Keep abreast of new privacy regulations and integrate new requirements into Monitoring & Testing program
  • Models and acts in accordance with REI’s guiding values and mission.

Bring your passion and expertise


  • Bachelor’s degree in Technology or Business, or equivalent training and experience.
  • Experience with GDPR, CCPA, HIPPA and other privacy regulations.
  • Strong knowledge of privacy and Information Security compliance methods, standards, processes, governance models, and/or industry standard compliance frameworks.
  • Security and/or Privacy industry certifications.
  • 8+ years of experience in a privacy, legal, compliance or risk management role, audit, or monitoring and testing program management.
  • 7+ years of program management experience, including change management, project management, stakeholder management, user training, and communications.
  • 10+ years’ experience in information technology.
  • 8+ years managing large, complex, cross-functional projects with both business and technology focus.
  • 8+ years mentoring project managers in program and project management. 
  • Strategic critical thinking ability .
  • Experience with portfolio management and governance practices.
  • Knowledge of methodologies, standards and procedures that contribute to the development and deployment of technology solutions.
  • Skills in project prioritization, problem-solving, issue management and negotiation, and mediation.
  • Establishes trust and inspires others.
  • Makes effective organization and people decisions in a manner consistent with REI's values and ethics.
  • Delivers on commitments and holds others to same.
  • Champions the organization and advocates solutions in the overall Company's best interest.
  • Uses business knowledge, innovative thinking, and sound judgment in the solution of problems or the pursuit of business opportunities.
  • Consolidates information from various sources including feedback from others to reach sound decisions.
  • Considers the ultimate impact of decisions and actions on internal and external customers.
  • Effectively plans and executes changes.


  • Graduate or Law Degree
  • PMP certification
  • 2+ years supervisory experience in the information technology field and the ability to direct technical work teams.
  • 10+ years project management methodology experience.

As required by applicable Pay Transparency laws, REI provides a range of minimum compensation for roles that may be hired in locations under these requirements. Factors that may be used to determine your actual salary may include a wide array of factors, including: your specific skills and experience, geographic location or other relevant factors. The salary range for this position may be lower or higher in different markets.

The pay for this role is: $75,000 to $147,500 per year  
At REI we offer an enviable work environment that Fortune Magazine has recognized on the "100 Best Places to Work" list since the award's inception – 23 years in a row! Sure, we work hard, but it’s balanced with time off to play—a strategy that works for us as we continue to grow and thrive. Want to enjoy a workplace where you can be yourself, be heard and be respected while having a job that challenges you? This is the place.

With more than 160 retail locations (and growing), REI offers unique competitive benefits to its more than 15,000 employees, including healthcare, gear and apparel discounts, free equipment rentals and challenge grants to help employees reach personal outdoor goals, generous retirement plan contributions, public transit subsidy, adoptions assistance, paid sabbaticals, and more.

REI is an Equal Opportunity Employer

Posting Range
$75,000 to $147,500 per year
ARTICLE 23-A, Section 753

§753. Factors to be considered concerning a previous criminal conviction; presumption.

1. In making a determination pursuant to section seven hundred fifty-two of this chapter, the public agency or private employer shall consider the following factors:

(a) The public policy of this state, as expressed in this act, to encourage the licensure and employment of persons previously convicted of one or more criminal offenses.

(b) The specific duties and responsibilities necessarily related to the license or employment sought or held by the person.

(c) The bearing, if any, the criminal offense or offenses for which the person was previously convicted will have on his fitness or ability to perform one or more such duties or responsibilities.

(d) The time which has elapsed since the occurrence of the criminal offense or offenses.

(e) The age of the person at the time of occurrence of the criminal offense or offenses.

(f) The seriousness of the offense or offenses.

(g) Any information produced by the person, or produced on his behalf, in regard to his rehabilitation and good conduct.

(h) The legitimate interest of the public agency or private employer in protecting property, and the safety and welfare of specific individuals or the general public.

2. In making a determination pursuant to section seven hundred fifty-two of this chapter, the public agency or private employer shall also give consideration to a certificate of relief from disabilities or a certificate of good conduct issued to the applicant, which certificate shall create a presumption of rehabilitation in regard to the offense or offenses specified therein.