Vice President of Information Privacy & Security

Vice President of Information Privacy & Security

Join to apply for the Vice President of Information Privacy & Security role at Northleaf Capital Partners

Northleaf Capital Partners is offering the opportunity to join a leading and growing private markets manager. You will be a key member of the Technology, Data and Digital Transformation (TDT) team at Northleaf. The mandate of the TDT team is to enable efficiency, scale, and innovation for our business to deliver exceptional services to our investors and better inform decisions throughout the investment lifecycle.

TDT is a growing team with a high-performance and supportive culture. As the firm continues to grow, there is ample room for professional growth in the team. The successful candidate will gain direct insight into the workings of a global private markets investment firm.

The successful candidate will possess 10+ years of experience including 5-7 years of relevant experience in information privacy and security, ideally in a financial or professional services firm, demonstrating strong analysis, technical, and communications skills. This role will be responsible for a range of activities including :

• Privacy Program Development and Refinement
• Design and implement a comprehensive privacy governance framework aligned with regulations (e.g., GDPR, PIPEDA, APPs, GLBA) to manage personal / sensitive data ethically and lawfully.
• Develop policies, procedures, and controls for data collection, storage, processing, and breach response, ensuring alignment with organizational goals and legal requirements.
• Conduct privacy and confidentiality impact review / assessments to identify risks and establish mitigation strategies, collaborating with business units and corporate risk oversight team.
• Operational Oversight and Incident Management
• Define and manage information access hierarchy leveraging tools and AI capabilities to ensure a secure environment.
• Monitor data flows and implement systems (e.g., data mapping tools, consent management platforms) to ensure secure handling of sensitive information.
• Work with solution vendors, lead the implementation of privacy and cybersecurity tools and processes to protect data and infrastructure assets.
• Lead incident response efforts for data or cyber breaches, including coordination with stakeholders in investigations, forensic analysis, and post-incident reporting to minimize operational and reputational damage.
• Conduct vulnerability assessments, penetration tests, and audits with vendors to identify and mitigate risks across networks, systems, and applications.
• Collaboration and Continuous Improvement
• Foster awareness and skill development in data protection best practices, threat detection, analysis, and response.
• Train and collaborate with cross-functional teams to integrate security controls into projects and promote a culture of accountability for privacy.
• Advise leadership on privacy risks, regulatory changes, emerging threats, and cybersecurity investments.
• Ensure compliance with global regulations (e.g., GDPR, CCPA) and industry standards through monitoring and documentation.
• Evaluate and recommend new security technologies to improve detection and efficiency.
• Develop and enforce security policies, baselines, and incident response plans aligned with NIST frameworks.
• Refine policies, plans, and lead security awareness training to foster a culture of accountability.
• Education & Certifications
• Bachelor’s degree in Cybersecurity, Information Technology, Law, or related; master’s degree / MBA is a plus.
• Certifications such as CISSP, CISM, CIPP, CIPM, CISA, or CEH.
• Qualifications
• 5+ years in privacy management, cybersecurity, or governance roles, with success in building programs from scratch.
• At least 3 years in threat intelligence, incident response, or SOC environments.
• Experience in policy development, vendor management, and audit compliance, including managing access levels.
• Familiarity with privacy laws (GDPR, CCPA, PIPEDA), security frameworks (NIST, ISO), attack methods, network protocols, and cloud security.
• Hands-on experience with privacy-enhancing technologies and cybersecurity solutions (e.g., encryption, anonymization).
• Proficiency in data governance, incident response, and security controls.
• Experience with privacy tools and security tools like Microsoft Defender, Purview, Azure AD, Darktrace, KnowBe4, and Field Effect.
• Strong analytical, communication, and interpersonal skills.
• High ethical standards and ability to influence stakeholders without direct authority.

Interested candidates are asked to apply on Northleaf Careers. Only those selected for interviews will be contacted.

Northleaf Capital Partners is committed to inclusion and accessibility. Please inform us if accommodations are needed during the process.

About Northleaf Capital Partners

Northleaf is a global private markets investment firm with over US$28 billion raised, focusing on private equity, credit, and infrastructure. With 275 staff across multiple locations, Northleaf manages a variety of funds and tailored investment strategies for institutional investors and family offices. The firm is expanding its private markets products and solutions.

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology
• Investment Management

Referrals can double your chances of interviewing. Set job alerts for roles like “Vice President of Information Security”.