Data Privacy Officer / Privacy & Data Protection Specialist

Data Privacy Officer / Privacy & Data Protection Specialist

Driving privacy governance, risk mitigation, and compliance through DPIAs and effective data subject rights management

Position Overview
We are seeking a Data Privacy Officer / Privacy & Data Protection Specialist to lead the implementation and oversight of data privacy governance practices across the organization. The role focuses on conducting Data Protection Impact Assessments (DPIAs), managing Data Subject Requests (DSRs), and supporting compliance with relevant data protection laws such as the GDPR, ePrivacy Regulation, and other global privacy frameworks.

You will work cross-functionally with legal, IT, data governance, and business teams to embed privacy-by-design principles and uphold data subject rights.

Key Responsibilities

Privacy Governance & DPIAs

• Conduct and review Data Protection Impact Assessments (DPIAs) for projects involving personal data processing
• Assess privacy risks and recommend mitigation strategies in collaboration with business and technical stakeholders
• Maintain a centralized DPIA register and ensure documentation aligns with internal policies and regulatory requirements
• Advise on privacy-by-design and privacy-by-default in new systems, services, and processes

Data Subject Request (DSR) Management

• Oversee and fulfill data subject rights requests (access, rectification, erasure, portability, objection, restriction) within legal timeframes
• Develop procedures for verifying identity, locating personal data, and securely providing responses
• Coordinate with IT and data owners to ensure efficient data retrieval and redaction where needed
• Maintain logs and KPIs to track compliance with DSR handling

Policy, Compliance & Awareness

• Contribute to the development and implementation of data privacy policies, standards, and procedures
• Support data mapping, records of processing activities (RoPA), and data classification initiatives
• Provide training and awareness programs on privacy compliance for internal teams
• Monitor regulatory developments and support compliance audits and breach response planning

Required Qualifications

• 6+ years experience in data privacy, compliance, or legal advisory roles
• In-depth knowledge of GDPR, ePrivacy, and data subject rights processes
• Experience conducting DPIAs and managing privacy documentation
• Familiarity with DSR tools and workflows (e.g., OneTrust, TrustArc, or custom-built systems)
• Excellent communication and stakeholder coordination skills

Preferred Qualifications

• Professional certification such as CIPP/E, CIPM, or equivalent
• Legal background or experience working closely with Data Protection Officers (DPOs)
• Understanding of privacy in cloud environments, HR systems, marketing, or AI governance
• Experience in a multinational or regulated sector (e.g., healthcare, finance, public sector)
• Knowledge of international data transfer mechanisms (e.g., SCCs, DPF, BCRs)