Over recent years, the Privacy market has seen a big shake-up with the ever-growing emergence of in-house functions for data protection following the introduction of more elaborate privacy laws. This has left a lot of privacy professionals in a busy state but also lead to the emergence of fantastic career opportunities, attracting a range of top talent to the space.

This article talks through a range of ideas on how to highlight your CV to help you stand out if you are privacy professional looking to make a step forward in your career;

Highlight your stakeholders

Organisational structures can differentiate a lot from company to company in relation to privacy. It is still seen as a common ‘greenfield’ area for a lot of firms where they aim to build on their privacy framework. However, some organisations can have a mature framework already in place.

Of course, this is very context dependent. In fact, there may not even be an existing privacy structure in place. Every company will be different. The point is, that whoever you worked with and how you define your role within a privacy team works wonders for future employers so be sure to express this in outlining your responsibilities.

Let’s not get bogged down on just ‘Privacy’ stakeholders. How you collaborated with other departments to deliver an effective data protection culture throughout the business is an extremely valuable trait. So, if you worked alongside departments across the business such as HR, Marketing, Sales etc. make sure to highlight this – it shows your ability to influence through soft skills to achieve cross organisational goals. After all, one common dilemma is a lack of organisational ‘buy-in’ for privacy and having the ability to demonstrate privacy in a positive light across the firm will help substantially in getting that buy-in.

What to do with GDPR

GDPR is now in effect…  but the show is not over and the end credits are far to be seen. There is often the opinion that GDPR is a ‘project’ but it is an ongoing compliance effort and if your organisation wishes to have sustainable GDPR compliance then there will need to be ongoing ‘Business as Usual’ data protection activities but also ongoing organisational change to allow governance to keep up to the pace of change around process and technological innovation. When highlighting your GDPR experience do not think ‘Business as Usual’  think CHANGE.

If you have worked across elements of GDPR delivery then this is a great opportunity to highlight organisational change skills when approaching GDPR – i.e. aspects of training, raising awareness, cultural shift. These skills are often overlooked but having the ability to promote GDPR as a business enabler rather than a blocker is really something that will appeal to any organisation taking compliance seriously.

Be smart with your keywords (but do not overdo it!)

What do I mean by privacy keywords? Well, we have the likes of DPIA/PIA, SAR, Privacy by Design, work with policies/contracts etc. The standard business as usual activities that are integral privacy duties and a common requirement across any data privacy function. Do not get me wrong, these are great keywords to highlight but you can also think outside the box here and get creative.

Privacy is not always ‘business as usual’. Help your CV to stand out by highlighting some of the cutting-edge privacy work such as work with privacy shield, Data Subject Rights Management, Privacy Management Softwares (OneTrust, Varonis, TrustArc) etc. If you have worked across areas of data minimisation you could utilise keywords such as anonymization, pseudonymization and hashing to demonstrate these techniques which help give your profile a winning edge.

I recommend diving into some depth of context giving examples such as how you conducted privacy impact assessments or how you helped to integrate privacy by design – painting a more tangible picture of your experience.

What was your company impact?

A lot of privacy contexts vary within organisations with different forms of C-level buy-in and varieties of culture towards data protection. Highlighting some of the impacts you left on a company shows you are a dedicated professional to the privacy space with a passion for the matter.

Examples of creating a company impact can be the stakeholders you trained, the hires you have made or even more creative elements such as organising a marketing campaign.

One example I like to refer to on this is the ‘EasyJet Privacy Policy explained’ video which was marketing content released through social media by EasyJet to its customers explaining their privacy policy. Simple, yet incredibly effective and a great way to demonstrate to customers that you care for their data (reinforcing on a positive brand image!)

You can watch below;


International Privacy experience?

It has been hard to avoid the dominating European Privacy legislation which has caused a loud shake-up in the world of data protection. However, it is naïve to think that is the only important privacy law. Global organisations are likely to span into a range of jurisdictions where there are multiple laws governing data protection of employees and consumers. So, if you have worked across multiple privacy laws make sure to highlight it. This experience is only going to become more sought after as we expect to see further shake-ups in privacy across the globe.

Embrace your tech

Sure, Privacy is a legislation but living in a modern-day world transitioning to a more digital state there is no avoiding the wonders of tech. Over recent years we have seen some big shake-ups in tech. From cloud to IoT to Big Data to Artificial Intelligence to Blockchain to whatever else is around the corner. Technology is so fast paced that keeping up to speed with adequate data privacy law is easier said than done. Thus, if you have experience across any of these domains make sure you highlight it. Having a technical understanding followed with some practical hands-on experience in these areas can be a strong unique selling point to help you stand out above the competition.

Getting over the NDA bump

Ever had to sign a non-disclosure and restricts you putting a client on your CV? In data privacy, it seems to be a common occurrence especially if you are doing some form of interim consulting or working for a consultancy. Do not let this stop you from highlighting your experience. If there is an NDA you can always give a short description of the client i.e. ‘Multinational FMCG organisation’ if you have worked for Nestlé or ‘Leading FTSE 100 Insurance Brand’ if you have worked for Admiral. This helps hiring managers to get an idea of the scope of organisations you have worked for and ultimately, gives you the chance to highlight your relevance for the role. You do not want to give the impression there is something to hide.

Oh, and don’t forget the basics

Keep it tight, tidy and to the point. Follow the golden rule whereby you should be able to contain all relevant information on the first page and the rest of the CV should be a more in-depth breakdown of your responsibilities aiming for a limit of 2/3 pages.

I hope this has been of assistance to you – if you would like further assistance on this matter please do feel free to get in touch anytime.