WHAT YOU'LL DO
The Data Protection Analyst (DP Analyst) is responsible for the execution of BCG's data protection program. The DP Analyst collaborates with BCG offices and local and global functions (Legal, Information Security, Risk, HR, IT, etc.), in support of data protection processes. The role works in a matrix organization on regulatory compliance (including GDPR, LGPD and CCPA), policy compliance, documentation and record management and the fulfilment of data subject requests. The ideal candidate is resilient and persistent, has a background in a compliance or data protection and the ability to work independently in a multinational and multicultural environment.
YOU'RE GOOD AT
Responsibility for all operational aspects of BCG's global Data Protection Programme (meeting GDPR, CCPA and other data protection compliance requirements).
Want more jobs like this?
Get Data and Analytics jobs in London, United Kingdom delivered to your inbox every week.
Inform, advise and issue recommendations to data protection queries from internal stakeholders on global data privacy and personal data processing and protection requirements.
Assist with compliance gap analysis and readiness assessments for incoming legislative changes.
Contribute to Data Protection Impact Assessments in cooperation with Information Security Architects.
Create and maintain global documentation, privacy notices, privacy statements, SOPs, work instructions and guidance notes in cooperation with BCG's Legal and Information Security teams.
Manage the Data Subject Request process.
Maintain records of processing activities.
Prepare and provide reports on regulatory compliance and status of initiatives.
Assist in establishing and reinforcing data governance processes and procedures on a global, regional and local basis.
Maintain relationships with local and functional points of contact to facilitate ongoing data privacy or data management needs.
Triage data incidents and escalate any potential data breaches for investigation and resolution.
YOU BRING (EXPERIENCE & QUALIFICATIONS)
Privacy certification (e.g. CIPP/E or CIPP/US).
Understanding of international and European data protection laws and practices and an in-depth understanding of the GDPR and relevant local legislations.
Understanding of data protection principles.
Experience in data privacy, data protection, information management and governance, compliance, legal, data or project fields.
Diligence, well-organized, ability to prioritize multiple tasks.
Ability to handle information and business affairs confidentially as appropriate.
Proven ability to complete tasks and to effectively manage multiple priorities under time pressure.
Good communication skills, both written and verbal; fluent in English.
Good academic credentials.
* Experience using TrustArc or OneTrust compliance management platforms is a plus.
YOU'LL WORK WITH
BCG's information technology group collaboratively delivers the latest digital technologies that enable our consultants to lead and our business to grow. For our IT jobs, we seek individuals with expertise in the areas of IT infrastructure, application development, business systems, collaborative and social technologies, information security, and project leadership.