Data Protection Personally Identifiable Information PII Specialist
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
ROLE OVERVIEW
- This role is designed for a professional deeply committed to safeguarding sensitive personal data and ensuring compliance with global and regional data protection regulations (e.g. GDPR CCPA Qatar PDPPL). You will lead efforts to identify classify and protect PII across the organization while embedding privacybydesign principles into business processes. Your responsibilities will span data lifecycle governance thirdparty risk management regulatory compliance and incident response ensuring that all data processing activities align with legal and ethical standards.
- This position requires a strategic thinker who can balance technical controls with regulatory requirements collaborate crossfunctionally to mitigate risks and foster a culture of data privacy
KEY RESPONSIBILITIES
1. Data Governance & Compliance
Data Lifecycle Governance:
- Design and implement endtoend data lifecycle policies to govern data from creation/collection to archival and secure deletion ensuring compliance with legal regulatory and business requirements.
- Define retention schedules archival protocols and secure disposal methods for sensitive data (e.g. PII financial records) in collaboration with legal and IT teams.
Data Classification
- Develop / Enhance Data Classification Frameworks: Design and implement a tiered classification system (e.g. Public Internal Restricted Confidential) to categorize data based on sensitivity regulatory requirements and business impact.
- Define Classification Standards: Establish clear criteria for labeling data types (e.g. PII financial records intellectual property) and enforce metadata tagging for traceability.
Regulatory Compliance:
- Ensure adherence to GDPR CCPA Qatar PDPPL and other applicable laws by implementing consent management frameworks data subject rights workflows and breach notification protocols.
2. Technical Safeguards & Risk Mitigation
Data Protection Controls:
- Implement encryption tokenization and pseudonymization for PII at rest and in transit.
- Deploy Data Loss Prevention (DLP) tools to monitor and restrict unauthorized data transfers.
3. ThirdParty & Vendor Oversight
Due Diligence:
- Assess thirdparty vendors for compliance with data protection obligations through questionnaires audits and contractual reviews.
Data Processing Agreements (DPAs):
- Draft and enforce DPAs to ensure vendors adhere to organizational privacy standards and regulatory mandates.
TECHNICAL REQUIREMENTS
- Expertise in data protection technologies: DLP encryption (AES256 TLS) and anonymization tools.
- Proficiency with compliance platforms: OneTrust TrustArc or similar for PIAs and consent management.
- Familiarity with cloud security (AWS/Azure/GCP IAM storage ACLs) and data residency requirements.
- Knowledge of privacyenhancing technologies (PETs) such as differential privacy or homomorphic encryption.
- Experience with incident response tools for breach detection and analysis.
- Basic scripting skills (Python SQL) for data mapping and workflow automation.
CERTIFICATIONS
- Required: CIPP (Certified Information Privacy Professional) or CIPM (Certified Information Privacy Manager).
- Preferred: ISO 27001 Lead Implementer CDPSE (Certified Data Privacy Solutions Engineer).
- Advantageous: Cloudspecific certifications.
REQUIRED EXPERIENCE
- 3 years in data protection privacy compliance or PII governance roles.
- Demonstrated experience conducting PIAs managing DSARs and responding to data breaches.
- Proven track record in implementing GDPR/CCPA/Qatar PDPPL requirements within complex organizations.
- Familiarity with thirdparty risk management frameworks and contract negotiation.
IDEAL CANDIDATE PROFILE
You are a detailoriented professional with a deep understanding of global privacy regulations and the technical acumen to translate legal requirements into actionable controls. You thrive in collaborative environments excel at simplifying complex privacy concepts for nontechnical stakeholders and are passionate about fostering a privacyfirst culture. Your ability to balance proactive risk mitigation with operational efficiency will be critical in protecting the organization’s reputation and maintaining stakeholder trust.
Skills
Proactive, Loss Prevention, Iso 27001, Devops, Azure, Policy Development, Information Security, Compliance, Intellect, Python, Data Handling, Workflow, Iam, Excel, Triggers, Detail-oriented, Sql, Design Principles, Trends
Employment Type
Full Time
