Jobs in privacy and data protection are in high demand, but that doesn’t necessarily mean it’s easy to find and secure a job in the industry.
The type of privacy job you’re exploring, your level of experience, the education and certifications you’ve acquired, and where you’re looking for your next role all factor into your job search—and how much time and effort may be required.
In this article, we’ll dive into each of these areas to help guide you in how to find privacy jobs.
Types of Privacy Jobs
There are many different types of jobs in privacy and data protection. What can be challenging in the hunt for your next job is understanding what job title you should be punching into your search bar.
You may find a role at a certain company shares the same title as one at a different company. However, the roles, responsibilities, and perhaps even the level of experience required may differ. For this reason, it’s important to read job postings thoroughly.
As a starting point, let’s take a look at common privacy roles, both internal and external. As a privacy professional, you’ll either work internally at a company, or you’ll work for an external company that advises on an organization’s privacy practices.
Internal Privacy Jobs
If you decide to pursue an internal role on a company’s privacy team, there are a number of positions to consider. At the top of the food chain is typically the Chief Privacy Officer, or CPO. They likely hold the utmost level of organizational responsibility for privacy within a company.
A CPO may be a global chief privacy officer, in which they’re responsible for privacy at a global or multinational organization. According to a 2023 International Association of Privacy Professionals (IAPP) Salary Survey, in which nearly 1,500 privacy professionals participated, a global CPO has the highest earning potential, at an average annual salary of $206,000 USD.
Supporting the CPO is the regional privacy officer, responsible for privacy at the organization across a particular region or geographic area.
Internal privacy lawyers also sit within the company to ensure the organization is adhering to the continually evolving privacy laws and regulations.
Other roles to consider on a company’s internal privacy team, delivering on day-to-day privacy activities, include:
- Privacy engineer, responsible for privacy enablement, product design, coding, and/or analytics
- Privacy office risk and compliance manager, responsible for ensuring the organization stays compliant with privacy regulations
- Privacy manager, responsible for the day-to-day responsibilities associated with handling personal data
- Data protection officer (DPO), a statutory role under the GDPR that many organizations are required to appoint
- Privacy analyst, responsible for day-to-day tasks related to processing personal data and analyzing the risks from processing activities
Of course, as with other professions, each organization is unique; the exact role and title may change from one company to the next.
External Privacy Jobs
An external privacy job would be one in which you work for an outside company and act as an advisor for your client’s privacy practices.
Common external privacy jobs include an external privacy lawyer and external privacy consultant. External privacy lawyers advise on an organization’s adherence to privacy laws and regulations. An external privacy consultant’s role will vary based on an organization’s needs, but may involve support in designing, developing, implementing, and outsourcing operational privacy activities. For example, this may include conducting a Privacy Impact Assessment or conducting a privacy audit.
Requirements for Privacy Jobs
When taking a look at a job description, you’ll see required and preferred qualifications listed. Every role and company will differ, but here are a few you’re likely to encounter.
Education and Experience
Whether you’re searching for your first or fifth job as a privacy professional, the role is often going to require a bachelor’s degree. An advanced degree may be required or preferred for some positions.
If you’re pursuing a privacy law position, having a Juris Doctor (JD) degree and being in good standing with a state-specific bar would likely be required. For a seasoned professional, a company may also look for years of experience at a top-tier law firm or large in-house organization on your resume.
Certifications
It’s not uncommon to see certifications listed as a preferred or even required qualification for a privacy job. You’ll frequently come across the globally recognized certifications offered by the IAPP: Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), and Certified Information Privacy Technologist (CIPT).
Certifications can demonstrate a deep understanding of data protection laws, risk assessment, information security, and more. Obtaining IAPP certification is valuable for any privacy professional, especially if they’re looking to beef up their resume.
Referring back to the 2023 IAPP Privacy Professionals Salary Survey, 77% of survey respondents hold at least one IAPP certification.
How do certifications impact your salary? Well, survey participants with one IAPP certification earn about 13% more than those with no certification. Get two or more IAPP certifications under your belt and you may be looking at a salary that’s 27% higher than someone without an IAPP certification, according to the survey results.
Resources and Tools to Find Privacy Jobs
There are many resources and tools available to find privacy jobs. But just like that bleary-eyed viewing of a midnight infomercial, it can be difficult to know who or what to trust, or what you’re even signing up for.
Here are our recommendations on where to start (and hopefully stop) your search.
Job Boards
Start with the job boards. This is helpful for both entry-level and more experienced roles. Approaching your search in this way will help you more easily drill down to privacy roles and gain an understanding of the types of roles that exist.
Explore the PrivacyJobBoard.com to find global opportunities that you won’t find on LinkedIn, Indeed or ZipRecruiter. The IAPP has a job board, too. It’s available to the public (no need to be an IAPP member) and covers all specialties. Both job boards offer weekly or monthly e-newsletters so you can get the latest job posting sent straight to your inbox.
Let’s say you’ve found the role you want to apply for on one of the job boards. How exciting! But what can you do to ensure your application doesn’t get lost in the recruiter’s pile? Use LinkedIn to do some research.
First, search the company to see if you’re connected to anyone who works there and could refer you, or is connected to someone who works there and could introduce you. If you’re just starting out in your career, you can also use LinkedIn to find someone within your desired company who is an alumnus from the same college you attended or was in the same organization, such as a professional or social fraternity. Try messaging this person on LinkedIn, and be ready to share any relevant volunteer or internship experience you may have.
You can of course also use LinkedIn to search for jobs, particularly if you’re a more experienced privacy professional and have a good grasp on what roles you should seek out. Search by specific job titles, relevant privacy terms, or a privacy certification you hold, since they’re often listed as a preferred or required qualification.
Recruitment Firms
Another resource you can consider is a recruitment firm. Companies often partner with recruitment firms to find their candidates, and recruiters are incentivized to match candidates to the right opportunity.
This approach can be very beneficial to someone who is just starting out in their career and may need some help getting their foot in the door, or an experienced professional looking to land a competitive role within a company.
Conclusion: How to Find Privacy Jobs
Finding a privacy job is no walk in the park. Your first battle is understanding the landscape. Once you have an understanding of what privacy job you’re qualified for and you’ve met the requirements, job boards, LinkedIn, and recruitment firms should be explored for job discovery, networking, and further research.
One final tip before we part ways. If you’re already IAPP certified and/or have an IAPP membership, tap into the networking opportunities and educational resources available. The IAPP hosts a number of virtual and in-person events where you can meet other privacy professionals—potentially even someone that could help you land your next job.