Privacy & Data Governance Specialist

<p>We are looking for a <span style="font-weight: bold">Privacy & Data Governance Specialist</span> to join our growing team and help strengthen our global privacy, data governance, and compliance framework. This role is ideal for a professional who enjoys working at the intersection of privacy, technology, regulation, and business operations in a fast-paced, international environment.<br><br></p> <p>You will partner closely with Information Security, Product, Marketing, and Operations teams to ensure that privacy and data governance requirements are effectively embedded across our products, services, and internal processes.<br><br></p> <p><span style="font-size: 12pt; font-weight: bold">What You'll Do</span></p> <p>As a key member of our compliance function, you will:</p> <ul> <li>Support and enhance compliance programs related to privacy, data protection, marketing compliance, AI governance, and broader data management initiatives.</li> <li>Provide guidance on the collection, use, sharing, retention, and protection of personal data across products, services, and internal business processes.</li> <li>Assist in the development, maintenance, and continuous improvement of privacy policies, procedures, standards, templates, and related documentation.</li> <li>Maintain and update Records of Processing Activities (RoPA), working closely with Information Security and operational teams to document new and modified processing activities.</li> <li>Conduct privacy reviews and assessments as part of supplier onboarding, due diligence, and contract renewal processes.</li> <li>Support responses to customer privacy and compliance questionnaires, audits, and due diligence requests.</li> <li>Create and maintain customer-facing privacy documentation, notices, disclosures, and materials explaining our privacy and data protection practices.</li> <li>Partner with Marketing and Communications teams to ensure compliance with privacy requirements related to websites, cookies, tracking technologies, consent management, and marketing campaigns.</li> <li>Advise on privacy and compliance considerations for data management, data governance, and information lifecycle initiatives.</li> <li>Support the negotiation and review of privacy, data protection, confidentiality, and security provisions in customer, supplier, and partner agreements.</li> <li>Assist with Data Protection Impact Assessments (DPIAs), Legitimate Interest Assessments (LIAs), transfer impact assessments, and other privacy risk assessments.</li> <li>Monitor developments in global privacy, cybersecurity, AI, and data-related regulations, and help implement necessary updates to policies, processes, and controls.</li> <li>Collaborate with cross-functional stakeholders to identify privacy risks and develop practical, business-oriented solutions.<br><br></li> </ul> <p><span style="font-size: 12pt; font-weight: bold">What We're Looking For</span></p> <ul> <li>Bachelor's degree in Law, Compliance, Business, Information Governance, or a related field.</li> <li>5–7+ years of experience in privacy, data protection, compliance, legal, risk, or data governance functions.</li> <li>Strong understanding of GDPR and European privacy and data protection requirements.</li> <li>Experience supporting privacy programs in a regulated or complex data-processing environment.</li> <li>Ability to translate regulatory requirements into practical business guidance.</li> <li>Excellent drafting, communication, stakeholder management, and project coordination skills.</li> <li>Strong analytical mindset with attention to detail and a proactive approach to problem-solving.</li> <li>Comfortable working independently while collaborating across multiple teams and jurisdictions.<br><br></li> </ul> <p><span style="font-size: 12pt; font-weight: bold">Preferred Experience</span></p> <p>We would be particularly interested in candidates who have experience working within:</p> <ul> <li>A European law firm advising on privacy, technology, or regulatory matters.</li> <li>A regulated financial services, fintech, payments, banking, or insurance organization.</li> <li>A European regulatory or supervisory authority.</li> <li>A technology company handling significant volumes of customer or sensitive data.</li> <li>An international organization operating across multiple jurisdictions.</li> </ul> <p>The following would be considered strong advantages:</p> <ul> <li>Experience supporting AI governance, data governance, or information management programs.</li> <li>Exposure to international privacy frameworks beyond GDPR.</li> <li>Experience negotiating commercial contracts with privacy and data protection provisions.</li> <li>Professional certifications such as CIPP/E, CIPM, CIPT, or equivalent.</li> <li>Experience working in multinational or cross-border environments.</li> </ul>