Grant Thornton LLP (Grant Thornton) is the U.S member firm of Grant Thornton International Ltd., one of the world’s leading organizations of independent audit, tax and advisory firms. We’ve never been a typical professional services firm. We put people first, and that is what sets us apart.
As one of the fastest-growing professional services firms in the world, Grant Thornton LLP is continuously seeking top talent. Discover a place where you’ll work with a team of professionals, dedicated to providing bold leadership and distinctive client service. Spend each day engaged in meaningful and challenging work. Be supported in your professional growth and recognized for your contributions.
Privacy and Data Protection Manager
With the increasing complex global privacy regulatory environment, companies are working to implement privacy programs to address compliance and reduce the risk of a breach of personal information, while focusing on the customer experience. Grant Thornton's Cyber Security and Privacy practice helps companies address these issues within our Privacy and Data Protection discipline. Our practice focuses not only on helping companies assess their compliance obligations through data inventory and compliance readiness projects, but also end to end privacy program implementations. Our implementation work includes all aspects of the privacy program, including data inventory, privacy notice, individual rights management, data deletion programs, unstructured data programs, automated data discovery, privacy solution implementation, vendor management and more.
Our Privacy and Data Protection discipline offers an opportunity for you to leverage your privacy and information security knowledge, assessment and program implementation experience to broaden your business and project management skills in a rewarding and challenging environment. The Privacy and Data Protection Manager is responsible for business development, delivering a full range of services to clients and project and engagement management for multiple clients. Responsibilities include engagement planning, directing, and completion of data inventory, compliance readiness assessments (GDPR, CCPA), and privacy program implementations; developing and supervising other Grant Thornton project teams; and leading client management and practice development activities.
Essential Duties and Responsibilities
- Adhere to the highest degree of professional standards and strict client confidentiality.
- Deep understanding of global privacy and data protection regulations, such as EU’s GDPR, CCPA, HIPAA, GLBA.
- Lead the execution of assigned client engagements from start to finish, which includes the engagement planning, directing, and completion of data inventory, compliance readiness assessments (GDPR, CCPA), and privacy program implementations, while managing those engagements to budget.
- Apply current knowledge of privacy and data protection trends and to issues and other opportunities for improvement.
- Assist clients in planning and executing remediation plans identified in assessment activities.
- Work with the client to plan an engagement strategy, define objectives, and address privacy- related controls risks and issues.
- Proactively interact with key client management to gather information, resolve problems and make recommendations for improvements.
- Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment.
- Work closely with Grant Thornton senior managers and partners to promptly identify and resolve client problems or issues.
- Collaborate with team members at all levels in the development and marketing of the privacy service offering.
- Support business development activities including client prospecting, proposal development and professional networking.
- Support development of thought leadership, external webcasts and other brand building activities.
- Additional duties as assigned.
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science or a related field is required. Masters or JD degree preferred.
- 6+ years of related work experience in a similar consulting practice or function, servicing cross- industry clients at a national level.
- Certification(s) Preferred: Obtained or demonstrates an active pursuit of one or more of the following certifications: Certified Information Privacy Professional (CIPP), Certified Information Privacy Technologist (CIPT), Information Systems Security Professional (CISSP), or other related certifications.
- Experience working with the GDPR, CCPA, HIPAA, GLBA and other relevant privacy regulations in order to perform data inventory, compliance program assessments and privacy program implementations.
- Experience conducting privacy and security risk and/or gap assessments and internal privacy audits, reviewing privacy practices, and preparing reports and other deliverables that contain strategy, project, or technical analysis and findings in connection with consulting engagements and communicating those results to the team and client.
- Knowledge of privacy management solutions such as OneTrust, CENTRL, BigID is a plus.
- Experience in project management and the ability to clearly communicate data protection and privacy issues verbally on both a formal and informal basis to all levels of client staff.
- Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.
- Ability to work additional hours as needed and travel on a regular basis to clients as required.
- Travel for this position can go as high as 60%.