Job discovery
Loading Irish roles matched to your profile…
Role detail
The role We are seeking an experienced data privacy professional to join our growing Data Privacy practice at Senior Consultant or Assistant Manager level. You will support and lead client engagements covering GDPR, the Irish Data Protection Acts, ePrivacy, and adjacent regimes such as the EU AI Act, NIS2, DORA and DSA where they intersect with personal data. Working alongside our Partners, Managers and our outsourced DPO team, you will help organisations across financial services, public sector, healthcare, life sciences and technology to operationalise privacy-by-design, respond to regulators, fulfil data subject rights, and embed continuous privacy compliance monitoring programmes Key Responsibilities • For all levels: • Deliver GDPR and Data Protection Act compliance assessments, gap analyses and maturity reviews against recognised frameworks (e.g., ICO/DPC guidance, EDPB guidelines, ISO/IEC 27701, NIST Privacy Framework). • Design and operate Data Protection Impact Assessment (DPIA) methodologies, including supporting clients with high-risk processing reviews and remediation tracking. • Support the design and execution of Subject Access Request (SAR) / Data Subject Rights processes, including verification, scoping, data discovery, review and redaction, and secure delivery. • Lead and support Records of Processing Activities (RoPA) development, data mapping, and lawful basis analysis. • Draft and review privacy notices, consent mechanisms, data processing agreements (DPAs), Standard Contractual Clauses (SCCs) and Transfer Impact Assessments (TIAs). • Support Personal Data Breach Management — triage, root-cause analysis, regulator (DPC) notification, and post-incident lessons learned. • Contribute to outsourced DPO and DPO-as-a-Service engagements, including privacy compliance monitoring programmes, training, governance committee reporting, and Board-level updates. • Map privacy obligations to adjacent regimes (NIS2, DORA, EU AI Act, DSA) and embed within client GRC operating models. • Contribute to internal methodology development, proposals, thought leadership and client presentations. Additional Responsibilities at Assistant Manager Level • Manage day-to-day delivery of small/medium engagements; coordinate workstreams, budgets, timelines and quality of deliverables. • Act as primary day-to-day client contact, including liaison with DPOs, CISOs, Legal and Compliance functions. • Coach and review the work of Consultants and Senior Consultants; contribute to performance feedback. • Support business development through proposal authoring, fee modelling, and identification of cross-sell opportunities into Cyber, Risk Advisory and Forensics. • Represent the firm at industry events (IAPP, ACOI, ISACA Ireland) and contribute to GT Ireland's privacy thought leadership. Skills & Experience • Bachelor's degree in Law, Information Systems, Cybersecurity, Business or related discipline. • Hands-on GDPR/DPA compliance experience gained in consulting, in-house DPO office, regulator, or law firm. • Working knowledge of DPIA methodologies, SAR fulfilment, RoPA, international data transfers (SCCs, TIAs, BCRs), and breach management. • Familiarity with adjacent EU regulation: ePrivacy, NIS2, DORA, EU AI Act, Digital Services Act. • One privacy certification, e.g., CIPP/E, CIPM, or CDPSE. • Excellent written communication, able to draft client-ready policies, DPIAs, board papers and regulator correspondence. Assistant Manager (Desired Experiences) • All of the above, plus • Demonstrable experience leading multi-stream privacy programmes (e.g., outsourced DPO, group-wide GDPR remediation, BCR design, M&A privacy due diligence). • Two or more relevant certifications, e.g., CIPP/E + CIPM, CDPSE, ISO 27701 Lead Implementer/Auditor, CISM/CISSP (where privacy and security responsibilities overlap). Desired Skills • Experience engaging directly with supervisory authorities on enquiries, complaints, audits or breach notifications. • Track record of mentoring junior staff and supporting proposal/BD activity. • Sector depth in one or more of: financial services, public sector, health/life sciences, technology/online platforms. • Experience with privacy technology platforms (OneTrust, BigID, TrustArc, Microsoft Purview). • Understanding of AI governance frameworks (ISO/IEC 42001, NIST AI RMF) and the EU AI Act's interaction with GDPR. • Knowledge of cross-border transfer mechanisms post-Schrems II and emerging EU–US Data Privacy Framework developments. • Experience supporting clients through DPC investigations or inquiries.