Global Head of Data Protection & Privacy

Ihre Rolle

1. Global Strategy & Governance

• Develop, maintain, and continuously enhance the company’s global data protection and privacy strategy.
• Establish global privacy governance structures, including policies, standards, and procedures.
• Function as the organization’s primary subject matter expert for global privacy and data protection laws.

2. Regulatory Compliance

• Ensure compliance with major privacy regulations (GDPR, CCPA/CPRA, UK DPA, LGPD, PDPA, etc.).
• Oversee data mapping, Record of Processing Activities (RoPA), and Data Protection Impact Assessments (DPIA).
• Monitor global regulatory developments and assess implications for the organization.

3. Data Protection Officer (DPO) Responsibilities

• Serve as the appointed DPO under GDPR, including acting as point of contact for supervisory authorities.
• Advise on privacy obligations and monitor compliance with relevant data protection laws.

4. Privacy Operations & Risk Management

• Lead global privacy risk assessments and implement mitigation plans.
• Oversee third‑party risk management for vendors and partners handling personal data.
• Ensure proper incident response processes for privacy-related breaches in coordination with IT Security.

5. Training & Awareness

• Develop and roll out global privacy training programs for employees and managers.
• Promote a data protection culture across the company.

6. Business Partnering

• Advise the departments in the organization on privacy-by-design requirements.
• Review and negotiate data protection clauses and Data Processing Agreements with partners and vendors.

7. Audits & Reporting

• Lead internal audits and coordinate external audits related to privacy and data protection.
• Provide regular reporting to the Executive Committee and Board-level audit or compliance committees.

Ihr Profil

Education

• Master’s degree in Law, Compliance, Information Security, or related field preferred.
• Certifications such as CIPP/E, CIPM, CIPT, or ISO 27701 Lead Implementer are a strong asset.

Professional Experience

• 7–10 years of experience in data protection, privacy, compliance, or related fields.
• Proven experience in global or multi‑regional privacy program management.

Skills & Competencies

• Deep understanding of global data protection laws (GDPR, CCPA/CPRA, LGPD, etc.).
• Strong technical and information security understanding
• Strong stakeholder management skills.
• Excellent analytical and problem-solving capabilities.
• Ability to manage cross-functional projects and influence senior leaders.
• Strong communication skills; able to simplify complex privacy topics for non-experts.
• High ethical standards and resilience in navigating regulatory complexity.

Success Factors

• Ability to build and maintain a robust global privacy governance framework.
• Proactive partnership with business functions to enable innovation while ensuring compliance.
• Strong risk management mindset with business-enabling orientation.
• Trusted advisor to senior leadership and confident regulator interface.