Lead Compliance Consultant

Target Target · Retail · Bangalore, India

Lead Compliance Consultant at Target, focused on privacy monitoring and controls assurance within the Privacy & Responsible AI function. This role translates privacy obligations into testable controls and monitoring procedures, partnering with the Responsible AI Observability function to evaluate privacy implications of AI-enabled use cases. The position requires end-to-end monitoring execution, documentation, reporting, and acting as a trusted advisor on privacy risk.

What you'd actually do

  1. Own end-to-end monitoring execution across assigned privacy domains, which may include digital advertising and adtech compliance, mobile app privacy, health privacy (including MHMDA obligations), profiling and automated decision-making-related privacy obligations, data broker obligations, financial privacy (including GLBA-related obligations), and related privacy domains. Translate control objectives into specific testing procedures, evidence requirements, sampling approaches, and pass/fail criteria within the monitoring framework established by the function.
  2. Support defensible documentation of monitoring activities, findings, remediation plans, and closure evidence.
  3. Coordinate with relevant governance and technology functions on compliance findings — documenting remediation requirements, tracking corrective action to closure, and validating that remediation adequately addresses the identified control gap.
  4. Produce management reporting clearly communicating privacy control health, high-risk areas, issue trends, remediation status, overdue actions, systemic gaps, emerging risks, and decisions needed.
  5. Exercise independent challenge over control evidence, remediation sufficiency, and closure readiness, escalating unresolved or high-risk issues through established governance channels.

Skills

Required

  • compliance
  • privacy
  • technology risk
  • GRC
  • data governance
  • monitoring
  • testing
  • assurance
  • control validation
  • privacy compliance areas
  • regulatory expectations
  • internal policies
  • risk priorities
  • testable controls
  • monitoring procedures
  • evidence requirements
  • metrics
  • dashboards
  • issue management processes
  • executive-ready reporting
  • Responsible AI Observability function
  • AI-enabled or data-driven use cases
  • profiling
  • sensitive data use
  • transparency
  • consent
  • automated decision-making-related privacy obligations
  • ongoing compliance monitoring
  • control assurance
  • privacy monitoring framework
  • end-to-end monitoring accountability
  • digital advertising and adtech compliance
  • mobile app privacy
  • health privacy
  • MHMDA obligations
  • data broker obligations
  • financial privacy
  • GLBA-related obligations
  • defensible documentation
  • remediation plans
  • governance and technology functions
  • remediation requirements
  • corrective action
  • management reporting
  • privacy control health
  • issue trends
  • remediation status
  • systemic gaps
  • emerging risks
  • independent challenge
  • remediation sufficiency
  • closure readiness
  • governance channels
  • cross-functional governance forums
  • working sessions
  • issue review meetings
  • dashboard reviews
  • quarterly management updates
  • trusted advisor
  • privacy risk
  • control gaps
  • remediation needs
  • practical business language
  • continuous improvement
  • automation opportunities
  • privacy monitoring maturity
  • dashboard reliability
  • operational efficiency
  • control effectiveness
  • external privacy, compliance, digital advertising, and data governance networks
  • emerging risks
  • regulatory expectations
  • standards
  • best practices
  • development of junior members

Nice to have

  • CIPP/US
  • CIPP/E
  • CIPM
  • CIPT
  • CISA
  • CRISC
  • CIA
  • CDPSE
  • relevant privacy, compliance, audit, risk, governance, or technology certifications

What the JD emphasized

  • high-risk privacy domains
  • privacy monitoring
  • privacy controls assurance
  • Responsible AI Observability function
  • AI-enabled or data-driven use cases
  • automated decision-making-related privacy obligations
  • high-regulatory-risk privacy domains
  • privacy control implications
  • privacy risk