A Career With Us
Data Protection & Privacy Consultant
Tasks & Responsibilities
Technology has fundamentally transformed the notion of privacy — what it means to affected stakeholders (individuals, regulators, organizations) and how each party can remain accountable in a world that technology has turned on its head. Today’s privacy regulations are evolving all around the world, especially in Thailand with the enforcement of the Personal Data Protection Act. (PDPA).
Our Data Protection and Privacy Consulting Services are meant to assist organizations in handling these new regulations, trends and risks, by ensuring a regulatory compliant flow of personal data, supporting their business. Being a part of the team, you will be involved in the following activities:
• Designing and implementing data protection and privacy programs at our clients supporting their business
• Evaluating the data protection and privacy practices of our clients
• Conducting Privacy Impact Assessments
• Supporting and guiding our clients in adhering to the complex web of relevant national and international regulations (e.g. PDPA)
• Deploying processes and tools to help detect and prevent privacy breaches
• Ensuring a harmonized approach towards data protection and privacy by bringing together our client’s stakeholders (e.g. legal, compliance, risk, HR, security, business functions… )
• Assisting clients in privacy related incident response activities
• Supporting the client’s team by acting as an interim team member (e.g. data protection officer, security officer, security manager, security analyst…)
Taking into account your experience and maturity, your involvement will vary from assisting in delivering privacy projects to acting as a subject matter expert on them or to leading a team towards excellent client experience. Furthermore, you may be involved in service development or in proactively identifying and pursuing opportunities for further business and team growth.
• Bachelor's or Master’s Degree in IT, Law or anything in between that demonstrates your interest in the data protection and privacy domain
• You have knowledge of and experience with relevant data protection and privacy laws and regulations (e.g. PDPA, EU GDPR) and industry standards and frameworks, such as NIST.
• Possession of relevant qualifications such as CIPM, CIPT, CIPP/E, CISM, CISSP, and/or HCISSP, as well as involvement in industry related organizations (e.g. IAPP, ISACA, (ISC)²… ) are an asset
• You have the ability to efficiently understand client organizations and their business model and to tailor relevant processes to privacy requirements
• You are able to communicate effectively with different stakeholders (e.g. business, legal, IT, security…) about data protection and privacy matters
• You have an analytical mindset, strive for quality and are able to work in a result-oriented environment
• You are fluent in Thai and English