Talent Wanted: Careers in Data Privacy | TrustArc
This page contains a cleaned, text-based version of publicly available content from TrustArc.com. It is provided to support knowledge retrieval and AI system understanding while preserving canonical attribution to the original source page on TrustArc.com.
Source URL: https://trustarc.com/resource/careers-in-data-privacy/
Content Type: resource
Section 1
Business leaders are progressively becoming more aware that they need to manage data privacy in their organizations better. Most are feeling pressure to stay on top of compliance with a raft of new privacy laws. Although, some forward-thinking leaders are also beginning to see privacy can be a strong competitive differentiator. Technology companies like Apple are leading the way in some markets, noted TrustArc CEO Chris Babel during a recent industry panel on privacy trends. He pointed to advertising by the tech giant highlighting stronger data privacy as a must-have for its customers – in other words, privacy is a key selling point. Traditionally, privacy was seen as something to be handled by legal teams to ensure compliance. However, as
Section 2
Babel pointed out if businesses want to generate commercial value from their privacy stances, they need to make it a bigger strategic priority. High demand for talent to fill data privacy jobs The challenge for all organizations that want to make data privacy a selling point is securing the talent to fill data privacy jobs, from hiring more data privacy experts into their legal teams to engaging specialist privacy engineers to improve product design and service delivery. TrustArc 2022 Global Privacy Benchmarks Report found most respondents clearly recognized they need more data privacy experts: 42% of respondents see increasing demand for privacy roles in their companies More than two-thirds agree (44%) or strongly agree (27%) their organizations should be doing
Section 3
more on privacy 80% of respondents say they measure privacy, but they’re struggling to translate this into success because there is no clear consensus on methods or KPIs. In-demand data privacy jobs While many of the names for data privacy job titles being advertised in 2023 are fairly new, they still tend to appear under technology, operations, and legal functions: – security advisor IT security and privacy; senior privacy engineer; data protection endpoint security ops; director data architect data security; privacy program manager; privacy analyst data; cyber data protection manager – head of compliance & privacy; operational risk officer privacy; data security business analyst; chief privacy officer Legal/general counsel office – senior privacy counsel; data privacy counsel; senior associate data
Section 4
privacy; public policy manager privacy & cybersecurity. A key trend in these data privacy job descriptions is that you don’t need to be a lawyer to work in data privacy unless you want to be the privacy counsel. TrustArc, for example, advertises a growing number of engineering, product, and design roles , particularly in DevOps and software development. Chief Privacy Officer and Data Protection Officer responsibilities are growing In the U.S., businesses that appoint an executive in charge of data privacy might use a range of job titles, from chief privacy officer to privacy counsel or even privacy leader. Some businesses will also engage a data protection officer (DPO) in-house to manage compliance with the GDPR and related data privacy
Section 5
laws. Or, the DPO role can be contracted to an individual consultant or a specialist organization. Do You Need In-House Privacy Roles in the US? Chief privacy officer job description The chief privacy officer (CPO) role has recently been elevated to the senior executive level as companies grasp its necessary strategic value. The job description of the modern CPO includes: Holding qualifications in law, governance, and/or information security Managing data privacy impact assessments for new cross-border data initiatives Developing strategies and procedures for managing data inventories Directing policies, procedures, and processes to ensure up-to-date compliance with state, federal and international data privacy regulations, including the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), the California
Section 6
Consumer Privacy Act (CCPA) and the New York Consumer Privacy Act (NYPA) Educating other executives on the company’s privacy stance and collaborating with senior management and corporate compliance officers to set governance for the company’s privacy program, including ongoing privacy training across the workforce. Data protection officer job description Under the GDPR, businesses that monitor and process EU/UK citizens’ personal data are required to appoint a data protection officer (DPO) with legal expertise. “The data protection officer shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices and the ability to fulfill the tasks referred to in Article 39.” provides an outline of a data protection officer job description, including:
Section 7
Informing and advising the controller or processor and employees who process data of their GDPR obligations Monitoring personal data protection compliance under the GDPR and other EU/member state data protection provisions and the policies of the controller or processor Providing advice on the data protection impact assessment and monitoring its performance Cooperating with the supervisory authority. Privacy jobs likely to follow growth trends set in cybersecurity There are now plenty of privacy jobs for people with technical and legal experience who might previously have filled data security roles, noted Lauren Reid, privacy and digital ethics consultant at The Privacy Pro, during a July 2022 TrustArc Serious Privacy podcast She admitted she was initially disappointed with how the role was pitched
Section 8
because she wanted a job in the hot cybersecurity space. Still, she’s since enjoyed a fulfilling career specializing in privacy and data protection. Privacy analysts predict data privacy openings will follow a similar path to the cybersecurity job market, where large companies pay chief information security officers and chief risk officers $500,000–$1 million+ compensation packages These offers make it hard for small-to-medium companies to compete for talent even when, on average, they must pay $250,000–$500,000 for their senior cyber and risk executives. By 2025, there are expected to be 3.5 million unfilled cybersecurity jobs In early January 2023, job market analysts reported chief privacy officers in the U.S. are already earning between $162,000 , depending on their data privacy certifications
Section 9
, education, and the number of years they’ve spent in the profession. How much higher will these compensation packages go?