Roles & Responsibilities: Conduct Data Inventory exercises, Privacy Threshold Assessments, Privacy Impact Assessments, and Data Protection Impact Assessments to identify and mitigate privacy risks related to new projects, products, or services. Develop, implement, maintain, and communicate privacy policies, processes, and procedures that comply with data privacy protection laws, regulations, and industry best practices. Participating in internal design discussions to ensure data protection requirements are clearly defined early and throughout the development life cycle for new projects. Ensuring data privacy and protection obligations are met. Monitoring changes in relevant data privacy and protection laws and regulations to ensure ongoing compliance. Manage and respond to Data Subject Access Requests (DSAR) to ensure compliance with data privacy protection laws, regulations, and guidance. Work cross-functionally with employees at all levels across the firm to ensure efficient integration of the Data Privacy Program into business processes. Guide functional departments in following the process for intake, verification, processing, analysis, and answering data subjects questions and requests under the GDPR, CPRA, and other regulations. Monitor and update (as necessary) the companys data map, which includes company and third-party managed personal information Collaborate with IT, HR, Operations, and other functional teams to ensure data protection and privacy initiatives are understood and implemented. Track and monitor updates and developments to applicable data privacy laws and regulations, as necessary. Grow and develop the privacy team, including conducting training sessions to ensure all employees are aware of and comply with data privacy policies and procedures Knowledge, Skills, Other Qualifications: Bachelors in law required - Any Specialization. Strong knowledge of U.S., EU, & Indian data privacy laws and regulations and related compliance processes. Familiarity with Canadian data privacy laws and regulations and related compliance processes. Privacy certifications in at least one of the following: CDPSE, CISA, CIPM, CIPP, CISSP, CIPT. Excellent communication (both verbal and written) and interpersonal skills. Strong decision-making, critical thinking, and organizational skills. Ability to work in a cross-functional, cross-cultural matrix environment. Experience working with cybersecurity and data forensic teams, including supporting data governance initiatives and data incident management. Ability to work independently and multitask effectively in a fast-paced environment. Minimum 8-10 years of experience working as part of an internal legal and regulatory compliance function in multinational organizations. Demonstrable privacy and data protection experience is preferable , ideally gained in a services environment or a digital business.
