Principal Compliance and Privacy Advisor

Work Arrangement:

Hybrid (On-Site and Remote mix)

Requisition Number:

268715

Regular or Temporary:

Regular Location:

Durham, NC, US, 27710

Personnel Area:

CENTRAL ADMIN MANAGEMENT CTR

Date:

Apr 8, 2026 Be You. Duke University's Office of Audit, Risk & Compliance (OARC) is seeking a Principal Advisor for Institutional Compliance and Privacy to help guide and strengthen Duke's enterprise‑wide privacy and compliance programs. In this highly visible role, you'll partner with leaders across the university and health system to address complex privacy, data protection, and regulatory challenges in a dynamic academic and research environment. You'll play a key role in advancing privacy governance, evaluating risk, and delivering independent advisory services that support Duke's mission. From privacy assessments and vendor reviews to research protocol evaluations and regulatory analysis, your work will directly influence how Duke manages data responsibly, ethically, and in compliance with evolving laws. Minimum Requirements Education/Training Bachelor's degree in business, economics, management information systems or related field; advanced degree in public policy, information governance, privacy or law highly desirable. Professional license and/or certification in privacy, data protection, project management, compliance, investigation or other relevant professional credentials are strongly preferred. Experience Successful candidates will possess solid business acumen, well-developed analytical skills, risk and control understanding, strong relationship management abilities and the desire to achieve value-added project outcomes. Position requires at least four years' experience in compliance, privacy risk management, or related operational roles, including responsibility for project/engagement planning, executing and delivery. Experience in higher education, health systems, research environments, or professional services is preferred. Other Requirements Ability to advise on privacy‑by‑design, data minimization, data retention, and lawful processing Experience reviewing third‑party/vendor data processing agreements and privacy terms Ability to interpret and assess compliance with

FERPA, U.S.

state privacy laws, and international regulations (e.g., GDPR) Strong documentation and report‑writing skills Be Bold. Position Description (Essential Duties) Execute privacy program operations, including privacy inbox triage, data‑subject rights requests, privacy assessments, and records of processing activities Advise stakeholders on privacy governance and data protection practices Conduct privacy and compliance reviews of third‑party vendors and service providers Review IRB research protocols to identify and mitigate privacy risks Perform privacy and compliance program assessments based on OARC's strategic plan Evaluate governance, internal controls, and risk mitigation strategies across Duke Analyze compliance with applicable privacy and data protection regulations Prepare clear workpapers, reports, and executive summaries for leadership Perform independent advisory and compliance assurance engagements Collaborate with OARC colleagues and university partners to achieve effective outcomes Choose Duke. OARC is a trusted partner across Duke University and Duke Health, providing independent insight that helps leaders manage risk, strengthen controls, and meet complex regulatory obligations. As a Principal Advisor, you'll gain broad exposure to university operations while contributing meaningful, high‑impact work in privacy and compliance. Duke offers a collaborative culture, opportunities for professional growth, and a competitive benefits package designed to support your health, career, and long‑term success: https://hr.duke.edu/benefits/

Anticipated Pay Range:

Duke University provides an annual base salary range for this position as USD $68,970.00 to USD $127,008.00. Duke University considers factors such as (but not limited to) scope and responsibilities of the position; candidate's work experience, education/training, and key skills; internal peer equity; as well as market and organizational considerations when extending an offer. Your total compensation goesbeyond the dollars on your paycheck. Duke provides comprehensive and competitive medical and dental care programs, generous retirement benefits, and a wide array of family-friendly and cultural programs to eligible team members.

Learn more at:

https://hr.duke.edu/benefits/

Equal Opportunity Employer:

Duke is an Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender,gender expression, gender identity, genetic information, national origin, race, religion, (including pregnancy and pregnancy related conditions), sexual orientation, or military status. Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. Our collective success depends on the robust exchange of ideas—an exchange that is best when the rich diversity of our perspectives, backgrounds, and experiences flourishes. To achieve this exchange, it isessential that all members of the community feel secure and welcome, that the contributions of all individuals are respected, and that all voices are heard. All members of our community have a responsibility to uphold these values.

Essential Physical Job Functions:

Certain jobs at Duke University and Duke University Health System may include essential job functions that require specific physical and/or mental abilities. Additional information and reasonable accommodation(s) can be requested with Duke Access and Accommodations Services (email: DAAS@duke.edu; phone: 919-668-1267).

Nearest Major Market:

Durham Nearest Secondary Market:

Raleigh