Data Privacy Consultant

As a Senior Consultant specializing in Data Privacy, you will lead and support client engagements focused on data privacy compliance, data classification and mapping, and data flow analysis. You will work with cross‑functional teams to assess privacy risks, implement data governance frameworks, and ensure compliance with global regulations such as GDPR, CCPA, ISO27701 and others.

• Conduct privacy and data protection assessments, including Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
• Design and implement data classification and mapping frameworks to support data governance and compliance.
• Analyze and document data flows across systems, departments, and third parties.
• Develop and maintain Records of Processing Activities (RoPA).
• Advise clients on privacy by design, data minimization, and secure data lifecycle management.
• Support the development and implementation of privacy policies, procedures, and training programs.
• Collaborate with legal, IT, and compliance teams to align privacy strategies with business objectives.
• Monitor and interpret emerging privacy regulations and industry best practices.
• Assist in incident response planning, breach notification, and regulatory inquiries.
• Provide strategic guidance to Data Protection Officers (DPOs) and privacy teams.

• Bachelor’s or master’s degree in law, Information Security, Computer Science, or a related field.
• Minimum 4–6 years of experience in data privacy, data governance, or compliance roles.
• Strong knowledge of GDPR, CCPA, HIPAA, ISO27701 and other global privacy regulations.
• Proven experience in data classification, mapping, and data flow analysis.
• Excellent communication and stakeholder management skills.

• CIPP/E, CIPP/US – Certified Information Privacy Professional (Europe/US)
• CIPM – Certified Information Privacy Manager
• ISO/IEC 27701 Lead Implementer or Auditor

• Experience delivering client‑facing data privacy and data governance projects.
• Ability to translate regulatory requirements into actionable project deliverables.
• Strong client engagement and communication skills to support workshops and training.
• Familiarity with data governance tools in client environments.
• Ability to manage multiple client projects and deliverables in a consulting environment.

• UAE National Data Classification Policy (NDC)
• UAE Data Protection Law (Federal Law No. 45 of 2021)
• DAMA‑DMBOK (Data Management Body of Knowledge)
• DCAM (Data Management Capability Assessment Model)
• ISO 27001 / ISO 38505 (Data Governance in IT)
• NIST Privacy Framework