Data Privacy & Compliance Consultant

Role Summary

We are seeking a Senior Data Privacy & Compliance Consultant with extensive experience in Saudi PDPL, GDPR, and enterprise Data Governance engagements. The consultant will lead privacy assessments, implementation programs, data mapping exercises, DPIAs, documentation development, and compliance readiness across entities regulated by SAMA, NCA, MCIT, and other Saudi authorities.

This role requires advanced consulting skills, strong documentation capabilities, and the ability to interact with senior stakeholders. The candidate will support pre-sales, negotiations, solution design, delivery execution, and post-sales advisory, with potential performance-based bonuses tied to sales contribution.

Core Responsibilities

Data Privacy & Regulatory Compliance Delivery

• Lead PDPL compliance assessments across governance, operational, and technical domains.
• Conduct data mapping, maintain records of processing activities, and document end-to-end data flows.
• Execute DPIAs and privacy risk assessments.
• Develop PDPL and GDPR-compliant documentation including privacy policies, consent management processes, privacy notices, data retention schedules, and data subject rights procedures.
• Review third-party contracts, DPAs, and cross-border transfer mechanisms for compliance.
• Support implementation of privacy controls, privacy-by-design practices, and remediation plans.

Engagement, Client Management & Commercial Support

• Lead privacy engagements, oversee delivery timelines, and manage stakeholders.
• Conduct client workshops, interviews, and governance sessions.
• Provide regulatory advisory on PDPL, GDPR, and global privacy frameworks.
• Prepare clients for inspections, audits, and regulatory submissions.
• Support scoping, proposal writing, solution storyboards, and client demonstrations.
• Assist in identifying upsell opportunities, such as extended PDPL implementation, privacy GRC tooling, training sessions, and DPIA services.

Post-Sales & Implementation Responsibilities

• Guide clients on implementing PDPL controls, developing privacy frameworks, and operationalizing compliance.
• Establish and document Data Subject Rights (DSR) workflows.
• Support deployment of privacy technologies (DLP, discovery, monitoring) as required.
• Track remediation progress, validate evidence, and prepare closure files.
• Review documentation produced by junior analysts and ensure alignment with regulatory expectations and consulting quality standards.
• Contribute to internal templates, methodology refinement, and privacy playbooks.

Key Deliverables

• PDPL and GDPR gap analyses, privacy risk reports, and governance documentation (policies, SOPs, retention schedules, data handling guidelines).
• Implementation plans such as remediation roadmaps and data governance frameworks.
• Technical outputs including data maps, DSR workflows, DPIA reports, and cross-border transfer assessments.
• Executive-level presentations, compliance dashboards, and maturity assessments.