Data Privacy Senior Consultant

New York, NY, USA | PA Consulting

  • Industry:
    Management Consulting
  • Position Type:
    Full-Time
  • Functions:
    Consulting - IT
    Legal / Compliance
  • Experience:
    7-10 years
Job Description:
124 people have viewed this job

PA Consulting Group is currently looking for an experienced Data Privacy Consultant to join our team in the US. This individual will be aligned to our Life Sciences Sector team, but will have the opportunity to work across sector teams.


Establishing trust and confidence when doing business and carrying out personal transactions is of vital importance in an increasingly interconnected world. Organizations have a duty of responsibility to ensure customer, partner, and third-party information is adequately protected, particularly as technology transforms the way we interact. 


Data Privacy legislation is rapidly being adopted all around the world, and especially in the US with the enforcement of the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). PA Consulting is a thought leader in advising clients on not only how to comply with this new legislation but also how to embrace them for competitive advantage. We work with international clients in the US, UK and Europe across a wide range of business sectors.


Our Data Privacy Consulting Services help organizations assess and achieve compliance, create new business strategies to take advantage of the new legislation, monitor trends and technology, adopt new technology to make compliance more effective and implement the people and process governance to make data privacy part of business as usual. 


As part of our team, you will be involved in a variety of projects, such as: 

• Assessing data privacy compliance against the relevant legislative frameworks

• Designing and implementing data protection and privacy programs to achieve compliance

• Creating, testing and implementing new business strategies to take advantage of the legislation

• Conducting Privacy Impact Assessments 

• Third party assessments

• Data governance and discovery tool implementation

• Information flow mapping to a common standard / using tools

• Deploying processes and tools to help detect and prevent privacy breaches 

• Creating effective data privacy governance within our clients, creating a harmonized approach towards data protection and privacy by bringing together stakeholders (e.g. legal, compliance, risk, HR, security, business functions etc.) 

• Assisting clients in privacy related incident response activities 

• Supporting the client’s team by acting as an interim team member (e.g. data protection officer, security officer, security manager, security analyst etc.) 


Your involvement will vary from assisting in delivering data privacy projects to acting as a subject matter expert on them or to leading a team, typically involving both PA and client staff. Furthermore, you may be involved in development of the team or in proactively identifying and pursuing opportunities for further business and team growth.


Job Requirements

You must be an established consulting professional with 7+ years of experience in delivering projects focused on data protection and privacy laws. Ideally, you should have experience consulting with Life Sciences sector clients.


You should also have the following skills/experiences:

• Bachelor's or Master’s Degree in IT, Law or relevant field that demonstrates your interest in the data protection and privacy domain 

• Proven experience with relevant data protection and privacy laws and regulations (e.g. CCPA, EU GDPR, Privacy Shield) and industry standards and frameworks, such as GAPP and BCR 

• Possession of relevant qualifications such as CIPM, CIPT, CIPP/E, CISM, CISSP, and/or HCISSP, as well as involvement in industry related organizations (e.g. IAPP, ISACA, (ISC)²) are desirable. Where you do not have the qualifications, we will support you in achieving them

• The ability to efficiently understand client organizations and their business model and to tailor relevant processes to privacy requirements 

• To communicate effectively with different stakeholders (e.g. business, legal, IT, security) about data protection and privacy matters 

• An analytical mindset, with a focus on producing quality work in a results-oriented environment.