The advocacy group Women in Security and Privacy (WISP) recently held an industry webinar as part of their educational series on advancing and equalizing roles for women in the security and privacy industries. Moderated by Irene Mo, a privacy and data security associate at Hintze Law PLLC and community lead for WISP, the session featured a Q&A with Jess Barre, JD, TRU's VP of Recruitment & Account Management and centered on the data privacy job market.
Missed the webinar? Watch it here, or read on for Part 1 of this essential recap of everything you ever wanted to know about breaking into and moving up in the data privacy field.
The Most In-Demand Privacy Skills
Irene Mo: What are the biggest demands for privacy pros right now?
Jess Barre: The key areas where we see demand in data privacy right now are sorted by industry, seniority, and skillset experience.
In industry, clients are looking for candidates who have strong B2C backgrounds. Any experience with consumers’ data is in high demand. These hot-spot areas include retail, entertainment, and telecom. However, all B2C organizations are facing data privacy issues now, especially in the US as consumers become more concerned about who has their data and what is being done with it. I’m sure you’ll recall the recent Apple iPhone ads centered solely around their tightened security features – firms with these types of concerns are hiring data privacy pros at accelerated rates. At TRU, we are also seeing a huge uptick in demand in life sciences and healthcare data needs.
In terms of seniority, data orgs tend to start by hiring a leader at the top, then a data analyst at a lower level, and finally they fill in the middle levels. So where an organization is hiring is really contingent on its maturity model. The more mature the program, the more hiring opportunities come forward.
The third area of demand is by skillset – both hard, tangible knowledge and soft, intangible personality skills. Those skillsets are broken into a few areas themselves. For example, one is privacy by design: in this area, there is a demand for professionals who have experience working with product teams and baking in privacy at the product level. Another is a hard-skills demand for pros who can leverage privacy management tools fluently, such as Big ID, OneTrust, etc. The last skill in high demand in the US is the mastery of all the myriad compliance regulations that must be followed and the complying with changes that regularly occur. From the soft skill side, a trait that is in high demand is to be “multilingual” – the ability to speak the languages of the business such as legal, operations, finance, IT and bring all of ideas they have together under the privacy umbrella. Privacy is the ultimate cross-functional role.
From Good to Great: Gaining Buy-In for Privacy & Compliance
Mo: I know for me, the biggest compliment I get is when I’m working with a software engineer or someone in IT and they tell me that they really enjoyed working with me. They didn’t expect to enjoy working with a compliance attorney. We get a bit of a bad rep.
Barre: Oh yes. Compliance has a PR problem! Legal does in general. People try to avoid working with legal teams if they can help it. Attorneys have to break down those barriers – speak plainly and strive to meet people at their levels. That skill of breaking down those barriers is what distinguishes a great privacy pro from a truly excellent one. The communicators go the extra mile.
Mo: How does someone take those hard or soft skills and break into privacy as a new grad, recent law grad, or tenured professional?
How to Break Into the Privacy Profession
Barre: In terms of breaking into privacy, it’s very different depending on where you are in your career. If anyone is currently in school, that’s the easiest to determine. It’s important to get certified. When you don’t have the work experience to back up your skills yet, the education and the certifications really show that you are invested in this industry and your career.
For folks who are still in school (law school or college), be sure to grab internships in the privacy space wherever you can. That is a great way to get a tremendous amount of exposure. And take any privacy-related courses (in school, online, or in independent study) you can at your school to get the knowledge before you enter the job market.
Get a Privacy Certification from the IAPP
Barre: If you have been out of school for a while, you’ve probably been working and have set expectations about what salaries are, etc. To move into privacy, be realistic about what a career move up or sideways looks like, at least at first. I strongly suggest you get certified. And if you have a law degree, the best way to proceed is to get a CIPP US certification from the IAPP. They test your knowledge of privacy law and will help you move forward. If you are an operationally focused person or want to complement that regulatory knowledge with another certification, get the CIPM. It tests how regulatory knowledge manifests in the workplace. If you are currently in a role with a privacy team, make yourself known to them, be visible and offer to shadow them to gain more knowledge. It’s not hard to fall into. Be a privacy champion at any level. Get your hands on a substantive skillset.
Mo: News grads looking for their first privacy role – what do you think about people taking a non-practicing role in privacy? As a recruiter have you had a harder time placing non-practicing people?
Barre: Within the privacy sector, it's much easier to switch back and forth between legal and operational roles. You can't divide legal from operational privacy. While there are a few areas in privacy that require legal practice, and there are areas from the operational side that do not involve legal, I encourage recent grads and those with less experience to go for the best possible role they can to start — like privacy analyst. Most privacy professionals are wearing multiple hats, make sure to put yourself out there and volunteer for anything that comes up like contract reviews. It pays to take advantage of those types of opportunities.
Make a Move Now to Move Up or Across in Privacy
Mo: That’s great to hear! When I was in a non-practicing role trying to transition to a practicing role, people were more welcoming than I thought they would be. Of course, it was great to see that it was possible to transition to legal practice roles as well.
Barre: Now is an easier time to do that than it will be five or 10 years from now when privacy departments are significantly more established and better resourced. Right now, tasks really overlap and it’s easy to make that transition.
Get Sought-After Privacy Certifications
The next part of that is how to get into it. The best way to get training and education is with the International Association of Privacy Professionals (IAPP). You can register for free online training on the TRU Staffing Partners website. The IAPP is one of our most strategic partners. They offer various certifications for both the legal aspects as well as the operational and technical aspects that give you the foundational knowledge necessary to break into this business. So, I would start there. Second, remember that privacy touches every aspect of every business. Stick your hand up and volunteer at your present company. Figure out how you can be a privacy champion in whatever department needs you most. No one will say no to someone volunteering to help champion that cause.
TRU Staffing Partners is here to answer any and all questions posed by people looking to break into the business, or from people looking to hire these professionals. Interested in this industry? Browse our open privacy jobs today or submit an application.
Never miss a post - sign up for instant notifications here!