Data Privacy Architect

Role: Data Privacy Architect

Role Summary

We are seeking an experienced Data Privacy Architect / Consultant with deep hands-on expertise in OneTrust platform implementation to lead end-to-end deployment of privacy consent and governance modules for enterprise clients. The role combines privacy domain consulting with technical OneTrust configuration enabling clients to operationalize applicable Privacy Laws/Regulation through scalable automated and audit-ready solutions. The role expects to also advise clients on operationalizing GDPR and other Data Privacy laws/regulations through OneTrust workflows and controls.

Key Responsibilities

• OneTrust Solution Design & Implementation

• • Lead end-to-end OneTrust implementation across all modules
  • Translate client privacy requirements into OneTrust configurations workflows templates and integrations.
  • Design module-specific blueprints covering data inventory assessment templates consent receipts DSAR intake forms and risk scoring models.
  • Configure workflows approval chains notifications dashboards and reports aligned to client governance models.

• Integration & Technical Architecture

• • Define and execute integration architecture between OneTrust and enterprise systems - CRM (Salesforce) ERP (SAP) HRMS (Workday) marketing platforms (Adobe Marketo) data catalogs (Collibra Informatica) ITSM (ServiceNow) IAM/CIAM and data lakes.
  • Configure OneTrust connectors APIs webhooks and SDKs (Web SDK Mobile SDK) for consent propagation and data discovery.
  • Lead Data Discovery (Data Discovery module) setup for structured/unstructured data scanning classification and inventory enrichment.
  • Architect Self-Service Portal (SSP) for business unit onboarding intake and assessment workflows.

• Privacy Domain Consulting

• • Advise clients on operationalizing GDPR and other Data Privacy laws/regulations through OneTrust workflows and controls.
  • Conduct current-state assessments gap analyses and target-state roadmaps for privacy programs.
  • Develop RoPA structures DPIA templates consent taxonomies retention schedules and cross-border transfer playbooks.

• Stakeholder Engagement & Workshops

• • Facilitate discovery workshops design reviews and UAT sessions with DPO Legal IT Security and business stakeholders.
  • Prepare workshop guides facilitation scripts clarification questionnaires and effort estimation models for RFPs and SOWs.
  • Provide training and enablement for client privacy teams super users and administrators on OneTrust modules.

• Project Delivery & Governance

• • Lead implementation phases - Discovery Design Build Test Deploy Hypercare - following Agile or hybrid delivery models.
  • Define effort estimates timelines RACI matrices and deliverable artifacts for OneTrust engagements.
  • Manage risks issues dependencies and change requests across multi-stream implementations.
  • Produce audit-ready documentation including configuration guides runbooks SOPs and traceability matrices.

Required Skills & Qualifications

Education & Experience

• Bachelors or Masters degree in Computer Science Information Security Engineering or related discipline.
• 8 14 years of overall IT/consulting experience with 4 years of hands-on OneTrust implementation across multiple modules.
• Proven experience leading at least 3 5 full-cycle OneTrust deployments in regulated industries (banking healthcare pharma telecom energy).

Certifications (Mandatory / Preferred)

• OneTrust Certified Privacy Professional (Mandatory) - across modules such as Privacy Management Consent Assessment Automation DSAR Data Discovery.
• Combination of certifications from IAPP - CIPT CIPP/E or CIPM - Mandatory
• CDPSE ISO 27701 Lead Implementer/Auditor - preferred.
• TOGAF or equivalent architecture certification - added advantage.
• Familiarity with cloud platforms (AWS Azure GCP) data architecture and enterprise integration patterns.
• Understanding of IAM CIAM DLP encryption and data masking technologies.

Regulatory & Framework Knowledge

• In-depth knowledge of GDPR CPRA EU AI Act.
• Familiarity with ISO 27701 NIST Privacy Framework NIST AI RMF ISO 42001 SOC 2.
• Understanding of sector regulations - HIPAA PCI DSS COPPA

Soft Skills

• Strong consulting and advisory mindset with the ability to engage CXO DPO and technical stakeholders.
• Excellent workshop facilitation requirements elicitation and storytelling skills.
• Clear concise and audit-ready written communication for client deliverables and regulator-facing artifacts.
• Ability to balance strategic advisory with hands-on configuration in fast-paced delivery environments.