- Company Name
- Wabtec Corporation
- Job Title
- Data Privacy Specialist
- Job Description
-
Job title: Data Privacy Specialist
Role Summary
Supports enterprise‑wide privacy compliance by embedding data protection requirements into products, processes, and contracts. Manages privacy operations such as data mapping, Data Protection Impact Assessments (DPIA), system maintenance, and data subject requests while driving continuous improvement, training, and alignment with evolving global privacy laws.
Expectations
* 5+ years of privacy/data protection experience in large, complex organizations.
* Strong understanding of global privacy laws (DPR, ePrivacy, CCPA, LGPD, Privacy Act 1988, PIPEDA, POPI, EU Data Act, EU AI Act, NIS2).
* Proven project‑management and privacy compliance program ownership across cross‑functional teams.
* Ability to operationalize privacy requirements, develop standard processes, and deliver training.
* Excellent communication, client‑service orientation, and prioritization skills.
* Ability to work independently, respond urgently, and exercise sound judgment in ambiguous scenarios.
* Preferred: CIPM, CIPP, or similar certification; French or other EEA language an asset.
Key Responsibilities
1. Conduct data mapping and DPIAs in collaboration with product, engineering, legal, HR, and compliance teams.
2. Implement privacy‑compliant contractual clauses and manage related documentation.
3. Maintain the privacy compliance system (e.g., TrustArc, OneTrust) to meet ongoing obligations.
4. Process and respond to data subject requests and privacy incident reports.
5. Develop, publish, and promote privacy guidelines, standards, best practices, checklists, and training materials.
6. Lead continuous process‑improvement initiatives and simplify privacy workflows.
7. Partner with external counsel as needed for privacy matters.
8. Monitor global privacy law developments, communicate trends, and advise on risk mitigation.
Required Skills
* Deep knowledge of global privacy regulations and their application to technology/online businesses.
* Experience in data governance, impact assessments, and technical implementation of privacy controls.
* Proficiency with privacy‑management platforms (TrustArc, OneTrust, or equivalent).
* Strong project‑management, organizational, and stakeholder‑management skills.
* Excellent written and verbal communication; acute attention to detail.
* Ability to manage multiple high‑priority requests and stakeholders.
Required Education & Certifications
* Bachelor’s degree in Law, Information Technology, Business, or related field (or equivalent experience).
* CIPM, CIPP, or similar certification preferred (not mandatory).