- Conduct comprehensive assessments of data privacy programs in large multinational corporations, measuring effectiveness and maturity against industry standards, regulatory requirements, and best practices.
- Identify and document compliance gaps, risks, and areas for improvement related to data governance, privacy policies, consent management, and incident response.
- Advise executive leadership and legal counsel on data privacy risks and recommended mitigation strategies.
- Provide consulting expertise related to investigating and responding to data privacy litigation and regulatory enforcement actions, ensuring alignment with legal and compliance requirements.
- Design and test privacy controls, including policies, technical safeguards, and procedural mechanisms, to ensure compliance and operational effectiveness.
- Develop and present detailed reports, dashboards, and executive summaries on privacy assessment findings, ensuring clarity and actionable insights.
- Collaborate with internal stakeholders, including legal, IT, compliance, and security teams, to align privacy strategies with business objectives.
- Support organizations in meeting regulatory compliance obligations (e.g., GDPR, CCPA, HIPAA, and other global data protection laws) through policy development, training, and implementation of privacy frameworks.
- Lead workshops and training sessions to enhance organizational awareness and culture around data privacy and protection.
- Stay informed of emerging data privacy trends, regulatory changes, and enforcement actions to proactively update recommendations and compliance strategies.
- 8 or more years of experience in data privacy, compliance, or risk management, preferably within a large multinational organization or as a consultant. Experience in a consulting environment highly desirable.
- Prior experience in Big 4 consulting firms or working with large global enterprises is highly desirable, as is expert witness testimony experience.
- Proven expertise in assessing and improving data privacy programs, policies, and processes.
- Strong knowledge of global data protection regulations, including GDPR, CCPA, LGPD, PIPEDA, and other major privacy laws.
- CIPP certification (e.g., CIPP/E, CIPP/US, CIPP/A, or CIPM) strongly preferred.
- Experience with privacy technologies and tools, such as data discovery, classification, advertising and marketing technology, and consent management platforms.
- Background in cybersecurity, IT risk management, or data governance is a plus.
- Prior experience in Big 4 consulting firms or working with large global enterprises is highly desirable, as is expert witness testimony experience.
- Experience working closely with executive leadership, legal teams, and regulatory bodies.
- Excellent communication and presentation skills with the ability to translate complex privacy issues into business-friendly language.
- Strong analytical and problem-solving abilities to identify risks and recommend pragmatic solutions.
- Ability to handle multiple projects and priorities in a fast-paced consulting environment.
- Ability to travel up to 25% for client or business needs.
- Proficient in Microsoft Excel, Access, Word and PowerPoint.
- Excellent written and verbal communication skills in English.
- Willingness to work outside of normal U.S. business hours, and in particular as unique projects/needs arise.
- Ability to work full time in an office and remote environment; physically able to sit/stand at a computer and work in front of a computer screen for significant portions of the workday.
- Must become familiar with, and promote and abide by, our Core Values as defined by the AlixPartners'
Apply for the job now! Apply Now