Director, Privacy Operations and Data Governance / Datacenter Technology

FTI Consulting

About the Role:

We work with corporations, governments, and law firms to meet legal, regulatory, and investigative demands by leveraging our skills to enable our clients to more confidently govern, secure, find, examine, and rapidly understand their data in the context of compliance and risk.

The in-house (non-consulting) Director works as a member of our Service Delivery, Privacy and Data Governance Compliance team within the Technology practice. In this operational leadership position, you will foster intergroup relationships while ensuring governance, compliance and best practices. You will influence and drive core data governance and program objectives by leveraging your  passion for privacy operations with technical, GRC and legal acumen. You will help  lead global privacy operations, delivery and data governance for the Technology practice, working transversally with legal, sales, professional services, security and data center operations teams to reflect FTI Technology’s commitment to data protection and viable service delivery throughout the organization.
Primary Duties
  • Review and negotiate  both client and vendor agreements accounting for; security, risk, privacy, technical operations, data governance and compliance in order to enable projects and client engagements.
  • Monitor and evaluate changes to applicable privacy, data protections laws  and other applicable industry standards rationalizing requirements, making recommendations and evangelizing change when appropriate.
  • Partner with teams and data stewards to coordinate and perform various audits and assessment (PIA, DPIA, Data Inventories, etc.) as needed to ensure ongoing compliance and appropriate risk management ( internal and external).
  • Serve as the primary point of contact  and conduit for the internal business in EMEA regarding data privacy operations, technical operations, best practices and service enablement.
  • Work with US team to transform, optimize and further strengthen current processes, technology, posture and scale in order to support  future state.
  • Lead applicable programs and projects from initial concept through the full project lifecycle embedding key principles such as privacy and security by design.
  • Partner with teams to further expand our privacy operations and governance framework.
  • Collaborate with the Information Security team to provide guidance and raise employee awareness regarding data privacy and security risks and provide relevant training.
  • This role requires travel to clients and FTI offices.
Qualifications 
  • Bachelor’s degree required. Additional relevant advanced degree(s) (e.g. Solicitor, Juris Doctor, master’s in legal studies) highly preferred.
  • 8+ or more years of applicable work experience with at least 5 of those years in information technology, information security and/or operational risk management  in the context of enterprise IT systems and specifically, SaaS, IaaS or hybrid cloud environments.
  • 1+ years’ experience procuring, navigating, and reviewing commercial agreements involving complex data protection schedules, cross border data transfers and operational service levels.
  • Expert knowledge of  EU/ US data privacy and data protection regulation and hands on experience applying these to enterprise information assets and operational approaches related to data protection.
  • Knowledge and continued  interest in  major regulatory and compliance frameworks NIST, ISO 27001, ISO 27018, PCI DSS, HIPAA, etc.
  • Ability to develop and maintain strong partnerships and influence across organizations at all levels without direct reporting relationships.
  • Confidence and demonstrated experience to make complex decisions at pace in a rapidly evolving environment; ability to diplomatically identify noncompliance even if unpopular.
  • Ability and desire to take initiative, work with autonomy,  quickly risk-assess and prioritize based on business value.

Preferred Qualifications

  • At least one CIPP (US or E), CIPT, CIPM, CRISC, and/or other relevant privacy, information governance, security or data governance certification highly desired
  • PMP or other demonstrated project management expertise
  • Familiarity and ideally, previous experience with at least one major data governance enterprise platform and a CLM

Tagged as:

Job Overview