Senior Manager - Data Privacy & Deputy DPO

What are we building?

Hard Rock Digital is a team focused on becoming the best online sportsbook, casino, and social gaming company in the world. We’re building a team that resonates passion for learning, operating and building new products and technologies for millions of consumers. We care about each customer\’s interaction, experience, behaviour, and insight and strive to ensure we’re always acting authentically.

Rooted in the kindred spirits of Hard Rock and the Seminole Tribe of Florida, the new Hard Rock Digital taps a brand known the world over as the leader in gaming, entertainment, and hospitality. We’re taking that foundation of success and bringing it to the digital space — ready to join us?

What’s the position?

We’re scaling a global privacy program that is embedded across product, engineering, operations, compliance, and customer experience. The Deputy DPO will strengthen the governance and accountability functions, ensuring that privacy and data protection remain at the forefront of how we build and operate our products while enabling the business to grow with speed and agility.

Reporting to the Data Protection Officer, the Deputy DPO will act as second-in-command for the privacy team. You’ll oversee governance, assurance, automation, and delivery across all privacy workstreams, while leading Analysts, Senior Analysts, Privacy Engineers, and Managers to ensure execution to the highest standards. You will deputise for the DPO when required, supporting in engagements with regulators, auditors, and senior executives where necessary, while maintaining the independence and authority required of the role.

Responsibilities for this role include:

• Deputising for the DPO in internal and external matters where necessary, including executive reporting and regulatory engagement.
• Providing day-to-day leadership of the privacy team, including Analysts, Senior Analysts, Privacy Engineers, and Managers, and ensuring performance metrics and KPIs are tracked and reported to senior leadership and the board.
• Overseeing complex DPIAs, ensuring the creation and negotiation of customer Data Processing Agreements, managing third-party/vendor privacy due diligence, and implementing international transfer mechanisms that best suit the situation and needs of the business.
• Designing and implementing privacy assurance programs, including audits, monitoring, reporting dashboards, and training and awareness initiatives across the company.
• Coordinating privacy responses to incidents, investigations, and escalations, including data breach preparedness, response planning, and regular testing of incident playbooks.
• Driving the development and maintenance of policies, records of processing, transfer registers, compliance frameworks, and ensuring data subject rights requests are handled within SLA timeframes and to a high standard.
• Leading delivery of automation and process improvements, with strong fluency in technology platforms, data architectures, and emerging tools to embed privacy by design into products and systems.
• Monitoring and assessing emerging legislation, regulatory guidance, enforcement trends, and new technologies, ensuring timely updates to policies and practices across multiple jurisdictions.
• Championing privacy by design, ethical use of data, and commercially pragmatic solutions that enable responsible growth and innovation.
• Working to identify and implement practical solutions to data privacy matters, ensuring that regulatory requirements are met in ways that also support business objectives.
• Building bridges and forging strong relationships with other parts of the business — including Product & Technology, Engineering, Operations, Marketing, Commercial, Customer Experience, and Compliance — to embed privacy into day-to-day decision making.
• Communicating complex legal, technical, and regulatory concepts in clear, practical language to a wide range of stakeholders, ensuring privacy is understood and applied in ways that support business strategy and operational priorities.
• Mentoring and developing the privacy team, fostering a culture of accountability, collaboration, and continuous improvement.
• Supporting the DPO in representing the company before supervisory authorities, gaming regulators, auditors, and other stakeholders where necessary.

What are we looking for?

• 8–10 years of progressive experience in privacy, data protection, compliance, or closely related fields, ideally within a regulated industry such as gaming, fintech, or digital services.
• A postgraduate qualification in a relevant field (such as Information Law, Data Protection, Cybersecurity, or Information Security Management) or equivalent professional experience.
• CIPP/E, CIPP/US, CIPM, or other relevant certifications are strongly preferred.
• Demonstrated experience supporting or coordinating regulatory and auditor interactions on complex data protection issues.
• Strong knowledge of GDPR, CCPA/CPRA, NJDPA, CASL, PIPEDA, FIPPA, and other emerging privacy frameworks, with a sound understanding of international privacy law.
• Proven leadership experience managing multidisciplinary privacy teams (Analysts, Senior Analysts, Privacy Engineers, and Managers).
• Hands-on expertise with DPIAs, international transfer mechanisms, records of processing, vendor risk management, and incident response.
• Demonstrated ability to draft and oversee Data Processing Agreements, implement transfer mechanisms in line with business needs, and manage cross-border privacy compliance in a fast-moving, global organisation.
• Excellent communication and interpersonal skills, with the ability to adapt messaging to non-specialist audiences, explain privacy requirements in a commercially relevant way, and build influence with executive stakeholders.
• Familiarity with privacy technology platforms (e.g., OneTrust), as well as the ability to work with data architects, engineers, and operational teams on technical solutions.
• Ability to thrive in a fast-paced, cross-functional environment with shifting priorities, balancing compliance with commercial awareness.

What’s in it for you?

We offer our employees more than just competitive compensation. Our team benefits includes:

• Competitive compensation and comprehensive benefits
• Hybrid and Remote work
• Flexible vacation allowance
• Start up culture backed by a secure, global brand

Roster of Uniques

We care deeply about every interaction our customers have with us, and trust and empower our staff to own and drive their experience. Our vision for our business and customers is built on fostering a diverse and inclusive work environment where regardless of background or beliefs you feel able to be authentic and bring all your talent into play. We want to celebrate you being you (we are an equal opportunity employer).