Data Privacy Roles for the Recent College Grad
TRU Staffing Partners
September 22, 2022 at 7:30 AM
Fit4 Privacy is a data privacy consulting firm that advises organizations about privacy opportunities and helps them mitigate risk to gain control over data. The firm frequently hosts podcasts with industry professionals to help listeners stay connected with the latest news on data protection. A recent Fit4Privacy podcast with Punit Bhatia, the firm’s CEO, featured an extensive talk with Jared Coseglia, founder and CEO of TRU Staffing Partners and focused on TRU’s recently published 2022 Data Privacy Jobs Report. This blog post covers career opportunities in data privacy for entry-level professionals.
Punit Bhatia: I was going through the Jobs Report, where you suggest that entry-level professionals can get good jobs in data privacy. If someone is just out of university, with either a law degree or another degree, what do they need to do to get into privacy?
Jared Coseglia: If they have a law degree, they should be open to non-legal data privacy jobs. That is the first piece of advice I would give new lawyers because the market is shifting and we’re starting to see more jobs in operations. These are jobs where a J.D. might be preferred, but not required.
While these roles might not require the practice of law, they could be the way into the industry and lead to future positions where these folks are practicing law. If you are just out of school with a J.D., you might find an operational role in data privacy to be very interesting. But in general, people have to show ambition and show employers why they need to invest in someone without prior privacy experience. I speak and advise at a number of law schools around the U.S. and advise that students take the IAPP certification trainings before they graduate law school. Being certified before going out in the world shows future employers that they are serious about privacy.
PB: They need some data privacy knowledge but not a great depth to start out. They need to tell a good story and sell themselves, showing their ambition and soft skills.
JC: And they need to show why data privacy is important to them. I didn’t start out in privacy – I started recruiting in technology, ediscovery, and cybersecurity, and found my way to data privacy and fell in love with it. I frequently talk about all the reasons that privacy is important to me personally, not just professionally. I think that candidates who are entry-level need to find that passion – that connection to privacy.
People want to feel that their companies are investing in them. They want to learn something new on that job, whether they are experienced or entry-level in privacy. This goes back to your question about what hiring managers can do to attract people. They should tell candidates what new things they are going to learn. Identify what they don’t know, and then fill those gaps for them in the same way you are looking for someone to fill the gaps in your data privacy program. It becomes a two-way street that is very attractive to candidates.
PB: So, what about the non-law recent grads?
JC: With non-law students, if they already have an interest in privacy, I would tell them to find more technical opportunities and leverage their technical skills. For example, if you studied IT, and understand software implementations at the enterprise level and can do customizations of workflows in data governance or ediscovery, those are very transferable skills into data privacy.
It’s important to figure out applicable experience relating to the types of roles you want to secure. But at the end of the day, hiring managers still expect and give preference to operational and technical employees who understand the laws and regulations around data privacy. They want people who can work with key industry regulations, maintain a baseline of compliance, and work with the associated technology to help solve problems and provide solutions. If you have no idea what GDPR (General Data Protection Regulation) is, it’s harder to break into privacy as a technical or operational professional. You are still going to need to know those laws.
PB: I think the role of privacy technologist or privacy engineer is coming up more frequently in so many of the processes that are needed to run programs. Is that a popular role?
JC: Oh yes. Most of the jobs at Big Tech are moving into very sophisticated engineering and product technology opportunities. That’s not to say that legal departments are not robust with work as well, but they are becoming more specialized and more siloed because they have really mature data privacy programs. At a pre-IPO company, you might have one person in the GC’s office who runs the program and wears all the hats. But if you are looking at Fortune 1000 companies, there will be a lot of jobs for tech. Not just engineering but enterprise and product level. A lot of big companies are building their own privacy tech. They’re looking internally to their programming departments to help them build their own models and automations. So, anyone with experience working with program teams, that now becomes a viable transferable skill.
PB: I am an engineer with IT experience. When I came to data privacy, it was about all the facets of data management. Privacy, legal and compliance need to be connected to technology and that is where I was able to differentiate myself. So many firms are siloing privacy responsibilities now instead of having one person manage it.
JC: It depends on how mature the programs are. The most mature companies have a really robust, highly diversified, compartmentalized privacy program because some of them are the most unbreakable systems. You’d be surprised how some of the hyper regulated organizations have the least amount of staff onboard. Mainly they are holding the bottom line as it relates to regulations. Firms with mature programs are creating their own ethical ceiling as opposed to focusing on the regulatory floor because it is so low.
PB: What’s the best way for entry-level graduates with an interest in data privacy to contact you?
JC: It’s always best to go to the TRU website. Candidates can register to receive our Hot Jobs newsletter on a weekly basis. Or if you see a job you like, apply for it directly online. You can also apply for broad representation if you are not actively looking but will be soon and want to know what do to get started in the job market.
Also, we have checklists that entry-level grads will find useful. If you are a technologist, we just released our OneTrust checklist where you can rank yourself on skillsets for OneTrust. We use that to help promote candidates with nuanced skillsets in OneTrust, which is a rising demand. You can call us directly too. All of our contact information is on the website.