Manager, Data Protection and Privacy


Position Summary

With the increasing complex global privacy regulatory environment, companies are working to implement privacy programs to address compliance and reduce the risk of a breach of personal information, while focusing on the customer experience.  Grant Thornton’s Cyber Risk practice helps companies address these issues within our Privacy and Data Protection discipline. We focus on helping clients transform and sustain their privacy programs through automation, process re-engineering and managed services.  Our goal is not only to help clients address one-time compliance needs, but to make privacy an essential part of the enterprise value chain, continuously monitoring data privacy risks and enhancing competitive advantage in the marketplace.

Our Privacy and Data Protection discipline offers an opportunity for you to leverage your privacy and information security knowledge, assessment and program implementation experience to broaden your business and project management skills in a rewarding and challenging environment. Our clients include Fortune 500 companies across sectors such as Technology, Financial Services, Life Sciences, and Retail sectors, giving you insights into the leading privacy programs around the world. The Privacy and Data Protection Manager is responsible for delivering a full range of services to clients, managing projects, teams and budgets for multiple clients.  In addition, Managers are responsible for supporting all aspects of practice development, including business development, marketing, thought leadership, mentoring and team building.

Essential Duties and Responsibilities

  • Adhere to the highest degree of professional standards and strict client confidentiality.
  • Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment.
  • Deep understanding of global privacy and data protection regulations, such as EU’s GDPR and US laws such as CCPA, CPRA, CDPA, CPA, HIPAA, GLBA.
  • Apply current knowledge of privacy and data protection trends and to issues and other opportunities for improvement.
  • Lead the execution of assigned client engagements from start to finish, which includes the engagement planning, directing, and completion of assessments, privacy program implementations, privacy technology implementations and managed services engagements on-time and on-budget.
  • Work with the client to plan an engagement strategy, define objectives, and address privacy- related controls risks and issues.
  • Proactively interact with key client management to gather information, resolve problems and make recommendations for improvements.
  • Work closely with Grant Thornton senior managers and partners to promptly identify and resolve client problems or issues.
  • Collaborate with team members at all levels in the development and marketing of the privacy and data protection solution offering.
  • Support business development activities including client prospecting, proposal development and professional networking.
  • Support development of thought leadership, external webcasts and other brand building activities.
  • Additional duties as assigned.

Required Skills and Experience

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or a related field is required. Masters or JD degree preferred.
  • 6+ years of related work experience in a similar consulting practice or function, servicing cross- industry clients at a national level.
  • Certification(s) Required: Obtained or demonstrates an active pursuit of one or more of the following certifications: Certified Information Privacy Professional (CIPP), Certified Information Privacy Technologist (CIPT), Information Systems Security Professional (CISSP), or other related certifications.
  • Experience working with leading privacy regulations to perform privacy assessments and support privacy program implementations.
  • Experience preparing reports and other deliverables that contain strategy, project, or technical analysis and findings in connection with consulting engagements and communicating those results to the team and client.
  • Knowledge of privacy technology solutions and experience implementing and sustaining tools such as OneTrust, WireWheel,, BigID is a plus.
  • Experience in project management and the ability to clearly communicate data protection and privacy issues verbally on both a formal and informal basis to all levels of client staff.
  • Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.
  • Ability to work additional hours as needed and travel on a regular basis to clients as required.