Thomson Reuters
PrivacyOperationsSpecialist
Neural analysis suggests this role is
optimal for Mid+ candidates.
“Privacy Operations Specialist at Thomson Reuters. Skills: Privacy operations, Global privacy regulations, OneTrust software, Risk assessment. Oversee day-to-day operations of global privacy program. Implement privacy policies, procedures, and operational frameworks”
Industry & Context.
Analytical capabilities
What They're Looking For.
Must Have
Bachelor’s degree in law, Information Systems, Computer Science, Cybersecurity, or related legal or technical field, 4-6 years of experience in a technical privacy, cybersecurity, or compliance role, Relevant privacy certification (CIPM, CIPPT, CISSP), Experience with privacy risk assessments, 2-4+ years configuring and managing OneTrust privacy management software, Knowledge of global privacy regulations (GDPR, CCPA, PIPEDA, etc.), Ability to interpret legal and regulatory requirements into system-level controls, Experience advising product and technology teams on privacy obligations, Knowledge of data classification, retention, and lifecycle management, Experience managing privacy operations in a large, complex organization, Proven ability to manage multiple projects and priorities simultaneously, Analytical and problem-solving capabilities, Experience with privacy management tools and technologies
Nice to Have
Experience with automation tools (PowerBI, PowerAutomate), Experience with AI/ML frameworks for compliance, Experience with data governance tools, Experience with SIEM systems, Experience with privacy-enhancing technologies (PETs), 4+ years configuring and managing OneTrust privacy management software, Proficiency in scripting and automation for compliance tasks, Knowledge of information security frameworks and practices, Project management certification or experience, Master's degree or J.D.
What You'll Do.
Oversee day-to-day operations of global privacy program
Implement privacy policies
and operational frameworks
Conduct privacy impact assessments (PIAs)
Conduct data protection impact assessments (DPIAs)
Conduct transfer impact assessments (TIAs)
Coordinate responses to data subject access requests (DSARs)
Track and report on privacy program metrics and
Track and report changes in privacy regulation
Monitor compliance with key regulations
Build and maintain data inventory
Build and maintain data mapping initiatives
Identify privacy risks
Implement mitigation strategies
Support privacy incident response
Support breach notification processes
Conduct privacy audits of internal processes
Conduct privacy audits of third-party vendors
Integrate privacy by design principles
Serve as privacy subject matter expert
Advise business units on privacy
Facilitate privacy training programs
Facilitate privacy awareness programs
Work with vendors to ensure contractual privacy obligations
Identify current sub-processors
Update contractual documentation
Maintain records of processing activities (ROPA)
Maintain privacy documentation
Prepare privacy reports for leadership
Prepare privacy reports for stakeholders
Document privacy procedures
Create operational playbooks
Support regulatory inquiries
Support regulatory audits
How You'll Work.
Team & Collaboration
Cross-functional collaboration; Work with Legal, Information Security, IT, Product, and Business teams; Advise business units; Work with vendors and partners; Collaborate across global teams
Communication Scope
Explain complex privacy concepts; Prepare privacy reports
Process & Methodology
Manage multiple projects
Full Job Description
**Thomson Reuters** is seeking an experienced **Privacy Operations Specialist** to join our General Counsel's Office. Reporting to the Chief Privacy Officer, this role presents an exciting opportunity to operationalize our global privacy program across Thomson Reuters. This role will be responsible for implementing privacy policies, managing day-to-day privacy operations, and ensuring compliance with global data protection regulations including regional (GDPR), federal (PIPEDA, UK GDPR), U.S. State (CCPA), provincial (Quebec’s Law 25) and sectoral (HIPAA, GLBA,FedRamp, CJIS, etc) privacy regulation, and other applicable privacy laws. The ideal candidate will bridge the gap between privacy law, technology and strategy, working cross-functionally to embed privacy practices throughout the organization and drive automation, leveraging the use of AI and other tools to operationalize privacy compliance across products, services and functions. **_About the Role_** In this opportunity as a Privacy Operations Manager, you will lead: **Privacy Program Management** * Oversee the day-to-day operations of Thomson Reuters' global privacy program * Implement privacy policies, procedures, and operational frameworks * Conduct or facilitate the conduct of risk assessments, including - privacy impact assessments (PIAs) data protection impact assessments (DPIAs), transfer impact assessments (TIAs) * Coordinate responses to data subject access requests (DSARs) and ensure timely resolution * Track and report on privacy program metrics and KPIs **Privacy Compliance & Risk Management** * Track and report changes in new/existing privacy regulation and monitor compliance with key regulations including GDPR, CCPA, PIPEDA, among others * Build out and maintain data inventory, and data mapping initiatives * Identify privacy risks and work with stakeholders to implement mitigation strategies * Support privacy incident response and breach notification processes * Conduct privacy audits and assess
Applying for this Privacy Operations Specialist role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Thomson Reuters?
Real rants from real employees. Read before you apply.