We are seeking a highly experienced and proactive Data Privacy Specialist to join the Job&Talent headquarters team. This is a great opportunity to take a leading role in shaping and executing our global privacy strategy, ensuring adherence to international data protection laws while supporting our expansion across various markets.

In this position, you will be a key player in our privacy operations—handling Data Subject Access Requests (DSARs), maintaining Records of Processing Activities (ROPA), assessing vendor compliance, and assisting with privacy assessments and audits. You’ll collaborate with cross-functional teams, support contract negotiations, and promote privacy by design in our products and operations. Your knowledge will be essential in embedding privacy into all aspects of our business.

If you’re eager to make a real impact in a dynamic, fast-moving environment and advance your privacy career at Job&Talent, we want to hear from you!

What you’ll do:

– Handle and respond to Data Subject Access Requests (DSARs) in accordance with relevant laws
– Assist the Data Protection Officer (DPO) in building and maintaining a scalable, well-structured privacy program, including compliance monitoring
– Support vendor risk management by reviewing vendor assessments and conducting Third-Party Impact Assessments (TIAs)
– Help manage incident response and liaise with regulators in the event of a data breach
– Contribute to the daily operations of our privacy program, including documentation, reporting, and compliance tracking
– Use OneTrust to manage key privacy workflows

What you bring:

– Previous experience in a data privacy or compliance role
– At least 2 years of experience advising on or managing data protection issues and compliance processes
– Proficiency in using OneTrust for privacy program management
– A strong team player with a collaborative approach and a proactive attitude
– Comfortable working in fast-paced, evolving environments
– Fluent in English and Spanish at a C2 level

Bonus points for:

– In-house experience at a fast-growing tech company
– Background in private practice (e.g., law firm or consultancy)
– Knowledge of data protection laws outside the EU/UK, particularly in the U.S.
– Experience in data risk management and/or supporting privacy audits
– CIPP certification (EU and/or US preferred)