Data Privacy Assessor

The Data Protection Assessor plays a pivotal role within our dynamic, global Privacy team, reporting into and collaborating closely with the Senior Manager of Data Protection Assessments to bolster and enhance the organization's data protection posture. As a core member of the broader Office of the General Counsel, this position is instrumental in safeguarding the firm's data integrity and privacy standards. The role involves conducting thorough control-based assessments of internal systems and processes to ensure compliance with global data protection regulations, firm policies, and best practices.

This position offers a unique opportunity to make a substantial impact on the firm's data protection efforts, contributing directly to maintaining the highest standards of data privacy and security. The Data Protection Assessor will play a key role in ensuring robust safeguards are in place to protect sensitive information and maintain client trust. Join our team and play a pivotal role in ensuring our organization’s data protection compliance and the responsible implementation of AI technologies.

Job Description

• Evaluate and ensure our organization’s privacy practices comply with regulatory requirements and industry standards, including, but limited to, the EU General Data Protection Regulation (GDPR), the EU AI Act, the California Consumer Privacy Rights Act (CCPA), and the Health Insurance Portability and Accountability Act (HIPAA).
• Conduct comprehensive data protection assessments of systems, processes, and tools to ensure compliance with global data protection laws and regulations, with a particular focus on Artificial Intelligence (AI) and Machine Learning (ML) systems.
• Collaborate with cross-functional systems to understand and document system architectures, data flows, and business processes to accurately assess data protection risks, including those inherent in AI implementations.
• Partner with stakeholders across the firm to implement corrective actions and enhance data protection compliance.
• Evaluate the effectiveness of data protection measures and recommend improvements.
• Develop and maintain assessment documentation, including Data Protection Impact Assessments, findings report, and remediation recommendations, with specific attention to AI-related concerns.
• Monitor the implementation of risk mitigation strategies, including those tailored to AI systems, and track progress in resolving identified issues.
• All members of the firm are encouraged to participate in our Responsible Business program; and
• Other duties as assigned.
  
  

Qualifications

REQUIRED SKILLS

• Familiarity with industry standards and frameworks related to data protection and privacy, including those that address AI-specific considerations (e.g., NIST, ISO, Fed Ramp).
• Familiarity with human resources practices and employment laws, including EEO and ADA guidelines
• Proficiency in requirements gathering, analysis, and recommendations development.
• Proficiency in conducting risk assessments, with experience in applying these to AI technologies.
• Strong analytical skills, with the ability to assess complex systems and business processes to identify potential security and privacy risks, particularly in the context of AI.
• Excellent interpersonal skills, with the ability to build strong relationships with peers and executives.
• Experience in effectively communicating, verbal and written, with both technical and non-technical roles.
• Demonstrated project management planning and skills; ability to break down complex problems into manageable goals.
• Experience with One Trust is preferred.
• Ability to travel to other U.S. offices, when needed.
  
  

Education, Certifications, And/Or Experience

• Three (3) years’ experience in information security, data privacy, and data protection fields.
• Proven experience in information security or data protection fields, with a strong understating of data protection laws and regulations, including their application to AI systems.
• Experience in consulting and risk management preferred.
• Bachelor’s degree in computer science, information technology, legal studies, education, corporate communications, or related field preferred or equivalent combination of education & experience.
• IAPP certifications (e.g.; CIPP-E, CIPP-US, AI-G, or CIPT) highly desirable.
  
  

HOURS

Core hours are Monday through Friday, 8:30 a.m. to 5:30 p.m., including one hour for lunch. Must be very flexible to work additional hours.

In Washington, DC, the annualized salary range for this position is $110,000 to $148,000 depending on the candidate's overall experience and other job-related factors permitted by law. Full time employees may be eligible for a discretionary bonus. In addition, full time employees as well as some part time employees, will be eligible for the firm’s fringe benefits as they currently exist.

This job description sets forth the authorities and responsibilities of this position and may be changed from time to time as shall be determined.

Hogan Lovells is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, age, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other factors protected by law.

This job description sets forth the responsibilities of this position and may be changed from time to time as shall be determined.

Hogan Lovells is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, age, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected Veteran status, or other factors protected by law.

Hogan Lovells complies with federal and state disability laws and makes reasonable accommodations for applicants and candidates with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, please contact our Benefits Department at LeaveofAbsence_US@hoganlovells.com.

All vacancies are open to direct applicants. Recruitment agencies; please be advised that we have a preferred supplier list in place for all roles.