Senior Privacy Specialist

Your Impact

• Contribute to the implementation and continuous enhancement of the Global Privacy Program, supporting the Data Protection Officer in ensuring compliance with GDPR and global privacy regulations.
• Support privacy workstreams within cross functional projects, providing expert guidance throughout the full lifecycle (design, implementation, testing, and evaluation) and ensuring privacy‑by‑design principles are embedded.
• Identify structural gaps and propose improvements to strengthen accountability, operational efficiency, and maturity of privacy processes.
• Conduct and oversee privacy reviews and assessments of business processes, systems, and operations to evaluate compliance with GDPR, local laws, and internal policies.
• Support the Data Protection Officer in the implementation of AI governance frameworks aligned with the EU AI Act and other applicable digital regulations.
• Contribute to the assessment of AI and automated decision‑making use cases, including preliminary risk and compliance reviews.
• Support AI‑related DPIAs and risk assessments, ensuring alignment between privacy, data protection and AI compliance requirements.
• Act as a trusted advisor to internal stakeholders, providing timely, high quality guidance on privacy requirements, risks, and mitigation strategies.
• Prepare and deliver clear, insightful reports and presentations on privacy risks, program performance, and project status for senior stakeholders and management.
• Ensure accuracy and completeness of privacy records, including the RoPA and other mandatory registers, and support their ongoing optimization.
• Negotiate data protection terms & contracts directly with vendors, ensuring robust privacy safeguards.
• Support and, when needed, independently handle data subject rights requests and personal data breach assessments, ensuring compliance with legal and internal requirements.
• Monitor global regulatory developments, enforcement trends, and industry best practices.
• Contribute to internal awareness and training initiatives, helping elevate the organization’s privacy culture.
• Collaborate with cross‑functional teams (IT, Legal, Security, HR, and more) to embed privacy‑first thinking into company processes.
• Perform other related duties as required to support the maturity and effectiveness of the privacy function.

Your Journey so far

• 3–5 years of professional experience in privacy, data protection, compliance, consulting, legal, or cross functional project environments; in‑house experience strongly preferred.
• Bachelor’s degree in Law, Business Administration, or a related field; a Master’s degree is an asset.
• Relevant privacy certifications (CIPP/E, CIPM, CIPT or equivalent) strongly preferred.
• Demonstrated experience working with GDPR and exposure to global privacy frameworks.

Your Essentials

• AI & Privacy Regulation Awareness: In‑depth knowledge of GDPR, global data protection laws (US, LATAM, APAC) and enforcement trends. Interest in or initial exposure to AI governance, automated decision‑making or emerging technology compliance.
• Working knowledge of non‑EU privacy frameworks (e.g., US, LATAM, APAC) and willingness to expand global expertise.
• Fluency in English and Italian; additional languages (French and/or German) are an asset.
• Proficiency in MS Office Suite and Outlook.
• Understanding of privacy‑enhancing technologies, security measures, and process automation. Experience with Privacy Management Software (e.g., OneTrust) is a plus.
• Strong analytical and problem‑solving skills, with the ability to assess complex scenarios and propose pragmatic solutions.
• Excellent communication and interpersonal skills, with the ability to influence and collaborate effectively across diverse teams.
• Ability to work independently, manage multiple priorities, and deliver high‑quality outputs under tight timelines.
• Willingness to undertake short business trips.
• EU Passport.