GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation's top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. We are looking for a motivated and engaging Principal Data Privacy Consultant to join our growing Privacy Team! This is a fully remote, individual contributor role with occasional travel to support client consulting engagements. The successful candidate is a hard-working, self-motivated, data privacy professional who can help companies evaluate and enhance their data protection processes according to applicable regulations and best practices. You will mentor and share learnings with colleagues to foster a learning culture. Role and Responsibilities:
- Conduct compliance assessments against various US-based and international data privacy laws and regulations, including GDPR, CCPA/CPRA, HIPAA, GLBA, PIPEDA, PIPL, DPDPA and others.
- Develop regulatory updates to keep customers up to date on the current data security and privacy landscape.
- Research and identify applicable legal and administrative statutes/standards and other details related to customers' Data Privacy Programs.
- Develop policies, processes, and other documentation) to comply with relevant privacy regulations and frameworks.
- Perform both gap and maturity assessments against the NIST Privacy Framework.
- Provide privacy-based advisory, remediation, and strategic services to GuidePoint customers to help build or strengthen their privacy programs.
- Develop tailor made privacy programs for customers to meet their compliance requirements, while also aligning with widely accepted best practice Privacy Program functions.
- Contribute to the growth, maturation, and socialization of the GuidePoint data privacy consulting practice.
- Establish strong relationships and trust with customers to understand customers' business environments and requirements.
- Work with other GuidePoint Security practices as part of a cohesive cross-functional team.
- Support presales discussions with customers and contribute to the creation of Statements of Work (SOWs).
- Participate in webinars and other speaking opportunities to promote the Data Privacy practice.
- Provide mentorship to fellow data privacy staff.
Required Experience and Position Requirements:
- Minimum of 5 years of combined relevant privacy experience across private/public sector, consulting and/or relevant education.
- Minimum of 3 years of direct experience performing data privacy-related consulting services for clients of various verticals, including financial and insurance, retail, healthcare, service providers (SaaS, PaaS, etc.), manufacturing, critical infrastructure/energy, etc.
- Strong understanding and working knowledge of privacy frameworks, including NIST Privacy, ISO 27701, GAPP and other equivalent data privacy standards.
- Strong demonstrated experience in developing data privacy policies, standards, plans, procedures, and other documentation to support customer-adopted frameworks and industry standards.
- Strong understanding of all the functions within a data privacy program, the ability to assess the maturity of a data privacy program, perform gap assessments against data privacy frameworks and how to provide strategic recommendations and direction to senior leadership.
- Strong written and oral communication skills, which includes articulating thoughts and distilling complex problems into digestible information to be consumed by anyone from technical resources to the highest level of management; proven experience communicating clearly to technical levels up through C-Level and Board level.
- At least one active industry-recognized IAPP Certifications including CIPP/US, CIPP/E, CIPT, or CIPM.
- Strong written communication skills to aid in the creation of customer deliverables.
- Remain current on privacy laws, regulations, trends, and developments, and incorporate them into service delivery.
- Strong ability to work independently and multi-task on multiple projects simultaneously.
- Personal drive and passion for growing themselves and the Data Privacy Practice.
- Ability to simplify complex issues and provide pragmatic advice and practical solutions that can be operationalized.
- Team mindset, with ability to build strong relationships, and work collaboratively within a growing team and cross-functionally with members at all levels of the organization.
- Learning and growth mindset to keep up with emerging trends.
- Experience preparing reports and other deliverables that contain strategy, project, or technical analysis and findings in connection with consulting engagements and communicating those results to the team and client.
- Experience in project management and the ability to clearly communicate data privacy issues verbally on both a formal and informal basis to all levels of client staff.
- Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.
- Team mindset, with ability to build strong relationships, and work collaboratively within a growing team and cross-functionally with members at all levels of the organization.
Preferred Experience and Position Requirements:
- Juris Doctorate degree from an accredited US school along with recent relevant Privacy Law experience.
- Demonstrated experience with assessing, developing, and implementing data governance and protection programs, including conducting data discovery of data flows and inventories, and evaluating the security and privacy controls that protect an organization's sensitive data.
- Publish content and/or perform conference speaking to demonstrate thought leadership
- Conference and webinar speaking experience.
- Expert knowledge of US and EU privacy laws.
- Experience implementing and/or developing programs leveraging OneTrust or other prominent privacy platforms.
- Solid understanding of the role of Artificial Intelligence (AI) and automated decision-making technology as it relates to Personal Information (PI).
We use Greenhouse Software as our applicant tracking system and Free Busy for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application. Why GuidePoint?
GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1000 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 4,200 customers.
Firmly-defined core values drive all aspects of the business, which have been paramount to the company's success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity. This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.
Some added perks....
- Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
- 100% employer-paid medical premiums (employee only $0 deductible and HSA plans) along with 75% employer-paid family contributions
- 100% employer-paid dental premiums (employee only) along with 75% employer-paid family contributions
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option
|