Seasoned Data Privacy Consultant (Manager or Director)
POSITION LOCATION
- Dallas, TX; In-office, no remote work option
- Houston, TX; In-office, no remote work option
- Travel to non-home office regularly and/or as requested (e.g., if your home office is Houston, you may be asked to travel to Dallas or Waco).
INDUSTRY EXPERIENCE
The ideal candidate will have 7-15 years of applied consulting skills and expertise within the data privacy domain. At a minimum, the candidate must have at least 5 years of full-time data privacy consulting experience working within a nationally recognized consulting firm or professional services company.
JOB DESCRIPTION
Gray Reed Advisory is a business consulting subsidiary of Gray Reed that offers business solutions to drive measurable improvements in profitability, efficiency, operations and compliance, along with expertise in crisis communications, public relations and government affairs, under our GRPR brand.
The Data Privacy Consultant role presents a distinctive opportunity to be at the forefront of our firm’s growth and innovation. This position will play a key part in:
- Shaping and strengthening our data privacy and IT/cybersecurity solutions
- Contributing to the development of methodologies and frameworks
- Establishing and refining our consulting operations
- Driving the integration of data privacy and cybersecurity practices to deliver comprehensive solutions to our clients
As one of the subject matter experts on the data privacy consulting team, the Data Privacy Consultant will primarily be involved in leading and/or supporting project teams and engagements designed to assist clients in meeting data privacy compliance, risk management and implementing or managing various governance frameworks that support these domain areas relevant to their business. This role will participate in developing, overseeing and/or supporting consulting methodologies, solutions and practices that include but are not limited to:
- Leading or contributing to the execution of complex assessments of programs, IT systems and business processes.
- Overseeing, reviewing, and/or drafting documentation and deliverables such as weekly status reports, project plans, policies and program components.
- Directing and/or supporting project team analyses and evaluations resulting from assessment and audit findings.
- Assessing programs, IT systems and business processes.
- Contributing to team assignments and drafting documentation such as weekly status reports, project plans, developing policies and drafting components of programs.
- Serving as a member of or leading delivery teams (comprised of 2-5 individuals) for the implementation of client policies, procedures and governance practices to help clients manage their risk and achieve regulatory compliance for Data Privacy, IT/Cybersecurity or Information Governance programs.
- Supporting project team analyses and evaluations as a result of assessment and audit findings.
- Contributing to risk determinations, identifying compliance gaps, and capturing observations as defined by various IT Security, Privacy and Cyber frameworks.
- Participating in business development activities, including proposal writing and client presentations.
This role may also assist client teams with the implementation of policy, procedures and governance practices to manage risk and achieve regulatory compliance for Data Privacy, IT/Cybersecurity or Information Governance programs.
In addition, when not delivering on client engagements, this role will be actively involved in solution and business development, such as refining engagement tools and templates, enhancing solution offerings, networking with potential clients, and developing client pitches and proposals.
REQUIRED EXPERIENCE & CERTIFICATIONS
- Bachelor’s degree with a focus in Public Policy, Information Management, Information Security, Data Governance or Pre-Law.
- 7+ years of full-time experience in assessing, building or implementing data privacy leading practices, methodologies and technical approaches and industry frameworks (HIPAA, GDPR, GLBA, or PCI).
- Must have a consulting background with experience managing teams and/or juggling multiple projects (Big 4 experience preferred).
- Experience selling professional services preferred.
- Professional Certification: International Association of Privacy Professionals (e.g., CIPM, CIPP/US or CIPP/EU).
SKILLS AND KNOWLEDGE
- Deep understanding of state, regional and global data privacy regulations and frameworks. (Please note: This role does not serve US federal government departments or agencies as clients. It is almost entirely focused on serving private sector companies and organizations.)
- IT Security certifications a plus (in addition to the required privacy certification), such as those provided by ISC2 (e.g., CISA, CISM, CISSP).
- Practical experience in the application of IT Security and Privacy governance frameworks, program assessments or audits, vendor risk analyses and demonstrated consulting experience supporting client engagements within two or more industry sectors: finance, healthcare, energy, retail, education, telecom, entertainment, hospitality or transportation manufacturing.
- Proven track record of executing complex data privacy projects.
- Experience with AWS, Google Virtual Private Cloud, Microsoft cloud services, OneDrive, SharePoint and Visio preferred.
- Ability to maintain a high standard of professionalism and confidentiality.
- Capability to communicate with professionals across all levels of an organization.
- Flexibility to serve in various roles as needed depending on team needs, including but not limited to engagement leader, project manager, subject matter team expert and task support.
- Ability to establish and preserve an excellent relationship with clients and within Gray Reed.
- Strong organizational abilities and superb written and verbal communication skills.
- Experience developing pitch decks and proposals, engaging in business development initiatives, contributing to blogs and/or thought leadership, and speaking at relevant events.
- Capacity to successfully multitask whether working alone or in a group setting.
- Practical familiarity with technology for managing security controls, third party risk, data mapping, risk assessments, and compliance monitoring.
- Exhibits a keen ability to define problems, collect data, establish facts and draw valid conclusions.
- Quick to interpret technical and/or abstract data and define solution design.
- Ability to travel (up to 20%), as required, to complete projects on a domestic and/or global scale.
DUTIES AND RESPONSIBILITIES
- Engages in the development and delivery of data privacy, cybersecurity risk and compliance solutions including building programs, assessing or auditing existing programs/practices.
- Acquires knowledge of risk management frameworks and techniques as well as the business. Identifies any potential problems or technical difficulties and, after they have been verified, notifies and works with the project team, the client and other stakeholders to resolve issues.
- Drafts "gap analyses" and assessment results with observations inclusive of recommended remediation and mitigation steps.
- Prepares presentations for client meetings such as weekly status reports, kickoff decks and final reports.
- Participates in remediation planning by outlining client requirements that relate to frameworks such as GDPR, PCI, Nymity, ISO, NIST and CIS.
- Participates in internal project team working sessions, stakeholder discussions and client meetings; records internal dialogues and client interviews; and preserves report and memorandum contents.
- Stays abreast of emerging trends, regulations and best practices in data privacy and related fields.
- Builds and maintains relationships within Gray Reed.
- Builds and preserves connections with project team members and employees of clients.
- Develops pitch materials and client proposals.
- Other duties as required.
DIRECT REPORTS AND RELATIONSHIPS
- This position reports to the Principal, Cybersecurity, Data Privacy & Security Advisory.
- This position works alongside Managing Principal, Gray Reed Advisory Services.
PERSONAL ATTRIBUTES
- Ability to work collaboratively and foster a team-oriented environment.
- Ability to think strategically and execute tactically.
- Excellent analytical and problem-solving skills.
- Strong work ethic and commitment to delivering exceptional client service.
- Self-motivated with the ability to identify and capitalize on new business opportunities.
- Entrepreneurial spirit with a passion for building and growing services, eager to take initiative in identifying new opportunities.
- Effective written and verbal communication skills.
SALARY / CASH COMPENSATION
- $150,000 - $200,000 (salary commensurate with experience)
- Bonus opportunities
BENEFITS
- 401k – 5% company match
- Paid parking or mass transit subsidy
- Paid time off – 3 weeks of vacation time per year (increasing with tenure), 10 holidays
- Paid parental leave
- Healthcare and wellness plans with 100% company paid premiums (medical, dental, vision)
- HSA with Employer Contribution
- Accidental death & dismemberment insurance
- Life insurance
- Paid short-term and long-term disability
- Paid Identity Protection Service
- Paid Critical and Accidental Supplemental Coverage
- Employee Assistance Program
- Concierge Health Advocate Service