Episode 48

full
Published on:

18th Oct 2022

The Three Things You Need To Get Your First Role In Data Privacy

Do you want to work in Data Privacy but don't know where to start?

We've all been there. You're interested in a new field but don't know what the first step is. The good news is that getting your first role in data privacy isn't as hard as you might think. In fact, with the right tools and resources, it can be downright easy. And that's what we're here to provide – everything you need to get started on your journey today.

Listen to this extract from our acclaimed webinar "How To Start A Thriving Career In Data Privacy" to uncover everything you need to kickstart a thriving career in privacy!

In this episode, you'll discover:

  • How to get started in Data Privacy without prior experience
  • Why applications aren't just a numbers game
  • How to access the hidden job market through LinkedIn
  • How to decide on the best IAPP Certification to accelerate your career

Discover why you can enjoy a rewarding career in Data Privacy regardless of your background, and so much more...

Subscribe Now

Listen Now...

Discover more about The Privacy Pros Ultimate CIPPE and CIPM Training: http://bit.ly/3ZmiJZz

Follow Jamal on LinkedIn: https://www.linkedin.com/in/kmjahmed/

Connect with Tahir Latif on LinkedIn: https://www.linkedin.com/in/tahirlatif101/

Connect with Samara on LinkedIn: https://ca.linkedin.com/in/samara-starkman

Learn more about The Privacy Officer Blueprint: https://www.inq.consulting/privacyofficerblueprint

Get Exclusive Insights, Secret Expert Tips & Actionable Resources For A Thriving Privacy Career That We Only Share With Email Subscribers

https://newsletter.privacypros.academy/sign-up

Subscribe to the Privacy Pros Academy YouTube Channel

► https://www.youtube.com/c/PrivacyPros

Join the Privacy Pros Academy Private Facebook Group for:

  • Free LIVE Training
  • Free Easy Peasy Data Privacy Guides
  • Data Protection Updates and so much more

Apply to join here whilst it's still free: https://www.facebook.com/groups/privacypro

Transcript
Intro:

Are you ready to know what you don't know about Privacy Pros, then you're in the right place.

Intro:

Welcome to the Privacy Pros Academy podcast by Kazient Privacy Experts. The podcast to launch, progress and excel your career as a Privacy Pro.

Intro:

Hear about the latest news and developments in the world of data privacy.

Intro:

Discover fascinating insights from leading global privacy

Intro:

Professionals, and hear real stories and top tips from the people who've been where you want to get to.

Intro:

We're an official IAPP training partner.

Intro:

We've trained people in over 137 countries and counting.

Intro:

So whether you're thinking about starting a career in data privacy or you are an experienced professional, this is the podcast for you.

Jamilla:

Thank you everyone for joining us today on this webinar ‘How to start a thriving data privacy career’. We've got some amazing guests who will be speaking to you today. It's now my pleasure to start introducing the guests that we've got today. So firstly, I'd like to introduce Tahir Latif. Tahir is an expert global data protection and privacy professional who has directed, advised, and led complex programs of change across multiple industry sectors to implement and embed best practice data protection to meet the needs of the business. Accredited to the Fellowship of Information Privacy and project lead of the NIST Privacy Working Group, responsible for conceptualizing and drafting the revised Global Privacy Framework. Welcome, Tahir. Thank you for joining us.

Tahir L:

Thank you for that fantastic introduction, Jamilla.

Jamilla:

No problem. Thank you so much for joining us. Next up, we are privileged to have Samara with us. So Samara Starkman is the managing partner and Cofounder of Inq Consulting and a partner at Inq Law. Concentrating her practice on privacy-based data governance, health, and technology, Samara regularly advises clients on a wide range of matters related to privacy compliance, health law, and technology licensing. In her work, Samara provides both practical and strategic advice to assist organizations with responsible, compliant innovation. Prior to joining Inq, Samara was a sole practitioner with clients that included major Ontario hospitals, pharmaceutical companies, health tech start-ups, and multinational telecommunications companies. Previously, she led the privacy department at an Ontario provincial agency. In addition to her practice, Samara has taught privacy law at two major Canadian universities and is the creator of the Privacy Officer Blueprint. And we'll hear more about that later. Thank you so much for joining us, Samara.

Samara:

Thanks for having me.

Jamilla:

And last, but by no means least, we have Jamal, who is a global privacy consultant who provides guidance and training in data protection to B2B businesses looking to safeguard their data. He also mentors privacy professionals looking to get confidence, credibility, and clarity to further their careers. He has been awarded the Fellow of Information Privacy by the IAPP and has been published by Thompson Reuters, Euro News, The Independent, Daily Express, and other leading industry publications. He's delivered training to people across 130 plus countries, deliver privacy solutions across six continents, and has trained professionals at the world's leading organization, including Facebook, UBS and more. He has guested on a variety of podcasts and also hosts his own, the Privacy Pros podcast, which you may recognize my voice from, which is ranked number one data privacy podcast and top three GDPR podcasts. Jamal is super passionate about inspiring individuals to become high performance, world class privacy professionals and his Privacy Pros Academy has been life changing for many of his mentees. And we'll be hearing from one of those mentees a bit later on. Welcome, Jamal. Thank you for joining us.

Jamal:

Jamilla, thank you very much for such a lovely introduction.

Jamilla:

Jamal, you've had mentees from lots of different backgrounds. How have you seen them transition into privacy from what they've been experiencing before?

Jamal:

Yes, I've seen hundreds of people coming in from all different backgrounds and sometimes people come to me and say, hey, Jamal, look, I've been doing, I've been working as a business analyst for the last twelve years and I've got to a level where I'm actually quite happy, but I'm a bit bored, I'm looking for something else, but I'm thinking of privacy. It looks very interesting. I've been listening to your podcast and it's fascinating, but I don't want to start again at the bottom. I don't want to go and start an entry level job. I've got used to this level of lifestyle. If anything, I want to go beyond that. And that is a big sticking point for a lot of people. But let me tell you, categorically, when you come to privacy, there is no starting off at the bottom. If you have experience in enterprise, if you have experience in retail, if you have experience in operations, whatever experience you have, it's up to you to make the most of those soft skills. And what you're going to discover is 50% of privacy is understanding the theory, the technical knowledge, but that one isn't going to get you anywhere. And the people that join my accelerator program, they’re the people that are stuck with the theory, but they can't shift the career where the real magic happens. And Tahir is a big fan of this, and I can see that he's going to tell us a lot more about this is the soft skills, right? That's what makes the difference between an average privacy pro to a thriving privacy pro. It's being able to have those conversations with those stakeholders. It's being able to operationalize and implement pragmatic solutions, not crossing the I's and dotting T’s. That doesn't help. And that's why sometimes you find people with very strong legal backgrounds struggling a little bit. And recently I had a conversation with somebody who had three masters in law, right, and they was like, look, I'm stuck in my career, I don't have the confidence when it comes to board meetings. I don't feel like speaking up because I have all this theory and I do great academically but now that I'm in this role, I actually don't know how to do this stuff, I don't know how to implement it, I don't know what it means. So when you come with all of that operational background. When you come with all of those soft skills that you've developed in whichever career. You're coming to the privacy industry with all of that skill. With all of that value and you're bringing that to the table and then you add the privacy knowledge and the know how and the practical understanding of it and now you're super valuable. So you're not going to start at the bottom, you're going to jump across, start where you are or even more earn a lot more than that because everyone will tell you the privacy industry is very rewarding and it's rewarding financially and it's very rewarding from an actual giving that point of view as well. The thing that I love most, and I'm going to come back to initial question is what is it that we do as privacy professionals? I see my role as being somebody who is there to empower businesses, to adopt honest privacy practices by finding solutions that help them to inspire trust, cultivate confidence and ultimately maximize their impact on the globe. And the reason I do that is to fulfil the vision that we have at Kazient Privacy Experts on making sure that every woman, every man, every child on this planet can enjoy the right to choose how their personal information is used.

Samara:

Jamal, I just want to challenge you a little bit on one thing, those soft skills. So I used to use that term all the time and somebody corrected me and said they're the hard skills, they're not the soft ones. So if you have those skills, then those are the ones that are going to be the most valuable. And I think we're all talking about the same things, but it really put into perspective those what we call soft skills and how challenging and how more difficult they are sometimes than actually even knowing the law itself. So just another way of looking at it.

Jamal:

Absolutely, I stand corrected. For the record, hard skills.

Tahir L:

And also Jamal, as you've said, don't put your privacy career on hold for fear of either feeling inadequately qualified with either a law degree or a degree in a different subject. Privacy is bringing the knowledge that you already have in your career, be it in retail, financial or in healthcare, you're already an expert within your domain because you know, what are the personal data touch points that you collect. So if you add on to that your privacy knowledge that you have or the privacy knowledge that you can acquire and then are able to communicate effectively and enthusiastically with your stakeholders, that will certainly bring you to the forefront of privacy within your organization. Communication is key, right? Privacy, it's a compliance era, could be viewed as being a little bit dry but bring your passion to it, bring your enthusiasm to the fore. Engage with stakeholders, talk to them about the importance of privacy, and your own profile will definitely be raised internally within the organization as someone that can deliver a program of change.

Samara:

I was also thinking, you know, we often talk about privacy not just in terms of compliance, but trust. So a lot of the time when we're talking to business, the words that really resonate are around trust and trust of our customers and privacy is such a key component.

Tahir L:

Agree. I always say to everyone who approaches me for advice on privacy, don't let a degree hold you back, or not having a degree hold you back. Acquire the knowledge, be passionate, join the network, and then move forward. Don't wait for two or three years to get a degree or to get a masters in law. Start your journey now.

Jamilla:

That's great advice. Thank you. Start your journey. So for people who are lacking experience when they're job searching, but entry level positions are demanding things like three years of experience, how are you supposed to get into the data privacy field?

Tahir L:

As the job market is growing, employers now are being more demanding as to the minimum requirements. Now having three years in privacy as a newbie or as junior position is going to be almost impossible. But the key is to persist and put what elements of privacy you've done in your current role, if at all. So if you worked in retail, then you're familiar with the kind of data that you've collected from the point of sale. If you've worked in marketing, have you run your marketing campaigns? Have you always kept on top of the consent required for that marketing? If you worked in health care, by being cognizant of the data that's captured within the healthcare field, ensuring that the data is kept secure, not given access to that data to other members of staff or to extended members of the family. So bring your experience and articulate that clearly on the CV. The CV is what will be received by the HR department that has to be clearly articulated and bring across your passion within the CV as well. Write a very strong covering letter. It's easy just to send over your CV and think, well, that's done, and let's wait for a response. Write a strong cover letter, really bring across your passion, and someone in HR will think, it's certainly worth putting this person through on our shortlist, and let's take that to an interview.

Samara:

That's good advice. I think customizing your CV and your cover letter to the audience is so important because it also shows the interests. And anything that you could be doing to show your interest in the field, I think, is going to be what gets you through that door. So attending conferences, meet with people that are in the field, do some networking. It's always helpful to talk to people who are already there and start to get involved in some of these communities. So despite not having the training or perhaps some of the experience. You know draw those things out as Tahir said. Get to know people who are already doing what you're doing and talk to them. And then demonstrate that through things like training, conference attendance, Certifications, that sort of thing. I think anything you could do to demonstrate that you are genuinely interested in this is really important.

Jamal:

st, and until people pay me £:

Jamilla:

I'm going to introduce Tahir Number Two. Who is Tahoe Choudhury. He's a graduate of the Privacy Pros Academy. And prior to joining the Academy, he had no real knowledge of data privacy. He had never had a salary based job and always been self-employed. He had never had a real CV, never applied for a job and never had a job interview. But now, following the Privacy Pros Academy, he's CIPPE certified and he has an amazing career as a Data Protection manager. So I'm going to hand over to Tahir.

Tahir C:

Thank you Jamilla.

Jamilla:

Tell us a little bit more about what made you want to join the Academy, how you felt starting a new journey.

Tahir C:

I wanted to make a change. I've always been self-employed. I've been in the restaurant industry and the taxi industry. I just want to make a change into the professional industry. One of my cousins, he actually went through the whole Privacy Programs academy with no experience. He got into the industry, so he pushed me. I spoke with Jamal, had a whole interview process with himself. I thought it was going to be a bit easier, but, yeah, he asked loads of questions to get through and he took the opportunity with me. That was in the end of October, I think. And from there, it's been such a huge change for myself. I never knew I'd be in this kind of position, but I thought, I'm going to try my best. Jamal showed me the way. He said, do this, do this. That's what I've done. And I've become a data protection manager in six months from no experience. I'm pretty sure I'm the only person with the least amount of experience that has got through the Privacy Pros Academy that has got a job. I think.

Jamilla:

Wow, that's absolutely amazing that you've gone from no experience to now becoming a manager. Was there anything that you thought maybe you're a bit nervous about before joining? Is there anything that you were kind of holding back a bit on?

Tahir C:

I was nervous about everything, but I think one of the first lessons we had was on mindset training, and that was the biggest change for me from what a fixed mindset to growth mindset or state. But, yeah, it just opened my eyes. Before, I was like, I haven't got a degree. I didn't finish uni. I've always been in the restaurant industry. I don't feel like I could achieve much. But when he showed that it's actually possible, if you put your mind to it, you can do anything, and 100%, you can do anything you want to do. My line manager who hired me, at first she was like, he doesn't have enough skill. He might have certificates but there’s other people have a lot more skill. Then once she actually came to interview me, she was like, yes, we have to have him. So it's about if you just have to speak and have that kind of communication.

Jamal:

Tahir, thank you so much for your time. If there was one thing that you wanted to leave everyone with, what would that be?

Tahir C:

Push yourself to start, because if you don't start, it's just going to drag on and you won’t achieve what you want to achieve.

Jamilla:

Great. Thank you so much, Tahir, for sharing your experience. Right, so next on our list, and we've had so many questions about this topic, is certifications. I'm going to come to you Tahir, for this one. Are all certifications created equal?

Tahir L:

Certainly not. Choose your certification very carefully. There's an abundance of data protection certifications out there. And just do a poll, don't take my word for it, just do a poll on the job boards out there on LinkedIn and the numerous vacancies that are available within the privacy profession. And look at what certifications recruiters are looking for and that will give you an idea of what's valued within the profession. Undoubtedly, the top certification are those offered by the IAPP in no particular order. I've seen some questions here, which to do first, CIPPE, CIPM, CIPT. Well, which job would you like to do? CIPPE is more if you are a lawyer looking to break into privacy, that would be a great first step. It talks about the history and the regulations and the principles and how they can be applied. If you're operational, then CIPM, it tells you how to implement a privacy program. And if you're technical and you come from more of a security and risk background, then do the CIPT. But every day of the week, I would recommend these three qualifications. Be careful. There are many other qualifications out there, especially those that are looking to certify you. And I'm not being judgmental at all, but those are looking to certify you as a DPO. I don't come across job adverts where you need to be a certified DPO. There are a couple that I will recommend. One is, again from the IAPP. They've got an excellent certified DPO qualification, and that's internationally recognized. And for the remainder, do your research, reach out to the privacy community, get their views, and find out what's truly valued.

Jamilla:

So, yes, as we have found out, not all certifications are created equal. Your best bet is to go for something such as an IAPP qualification. So talking about the industry itself, is it an industry that is evolving and getting bigger? So people who are thinking about going into the industry, will they be getting jobs?

Tahir L:

Most definitely. Jamila I've seen exponential growth year on year within the profession. I mean, privacy is a profession now, and it's seeing double digit growth each and every year. For those of us that were fortunate enough to have joined over a decade ago, we're in a great position. But as Tahir, who has only been in the industry two months, has already come in as a management level position, that's an indication of the demand within the industry at the moment. I see demand outstripping supply of talented and suitably qualified and passionate candidates. Regulations are unabating, they're changing. There's always new guidelines being given by bodies such as the EDPB. At the moment, in Europe, the situation is becoming even more complex with a variety of different acts being coming into play. Now, the various digital market acts within the EU. So privacy is here to stay. It's being rolled out across the globe. I think it's probably in about 77% to 80% of jurisdictions across the globe. And as it's rolled out to each of these jurisdictions, skill sets are in short supply. So, for example, the Middle East is completely greenfield at the moment, and they're looking for talent globally. Right? So if you are qualified and you feel like that, you've got the passion and the knowledge, but are lacking the confidence to buy locally, then look internationally, look at greenfield sites and where the the skill sets are in short supply. And not only are the roles increasing in terms of number of roles out there, but the actual salary is increasing as well. So with Tahir moving from being working in a family restaurant and then going on to Uber, then, you know, attracting a very good salary for being a privacy manager, I'm not advocating that he leaves, but within a year he will be getting emails and connections from recruits saying, would you be open to having a conversation for a more senior role? There's a multitude of roles that are out there for all levels of privacy professionals, and you can specialize in a certain domain. For our colleagues who are in information security, there's a whole field of privacy that focuses on encryption, pseudonymization, anonymisation, scrambling, data masking. It's a very niche skill set. So if you are coming from information security or technical, privacy by design and default is one of the main tenets of data privacy. So apply the skill sets you already have to that element of data privacy and become a very niche skilled individual within that domain.

Jamilla:

You mentioned infosec. We've had a couple of questions on infosec. Mainly, is it important to have knowledge of infosec to enter data privacy roles, or is it kind of a niche thing?

Tahir L:

No, you can come from any background. You asked earlier whether law would be advantageous.

Tahir L:

Yes if you wanted to focus on policies, procedures on the transparency, and on the contractual side of data privacy, a law background will be hugely advantageous. So I can't draft data processing agreements. I don't have the skill set and the legal background, but some of my team members do. So I will always go to the team. When I have a client, there’s a question asked here about cloud architecting and cloud migration, if I have a requirement from a client about the security controls that need to be implemented as a result of the data privacy regulations, I'll go over to that individual with that skill set, and they're bringing that skill set with them from information security. But the skill sets that you have, you can either bring and focus on those, or you can continue to develop. And it is important to always continue your growth mindset beyond your certifications, right? Yeah. Because the industry is moving so rapidly that you can't just rely on what you knew last year. As we're moving into different forms of encryption, quantum computing, advances in artificial intelligence, advances in data analytics, data warehousing, data lakes, organizations now are monetizing data. With that comes huge privacy implications. So understand what organizations are doing, you can't just say, well, I learned privacy three years ago. I'm going to apply the privacy principles. You have to be able to apply them today for modern organizations and the way they are moving. Otherwise your career will be stagnant. LinkedIn is a phenomenal source of knowledge. Build your brand on LinkedIn no matter where you are in your career, don't be shy. Mistakes happen, fail fast, learn quickly. Present your point of view. Privacy professionals are very busy, so if there's a new regulation that's come out and you want to enter and you're fairly new and you've got a little bit of time in your hands, go on to LinkedIn, present your point of view. Every day I'm learning something new from something that's been put onto LinkedIn by one of my peers that has condensed a new regulation and made it very easy for me to absorb that so I can pass that knowledge on to others.

Jamilla:

Thank you.

Jamal:

Before we wrap up Jamilla, I want to say from the bottom of my heart, Tahir thank you so much for coming and being such a lovely person it’s been an absolute pleasure to hear your thoughts and the fact that you've actually given up 2 hours of your life to help strangers that you've never met before and just seeing names on the channel is a testament to you as a gentleman. So thank you so much. May you be rewarded for everything that you do. And if people want to connect with you, what is the best way for them to reach out to you?

Tahir L:

I'm on LinkedIn, please connect with me. And if I can assist in any way, please reach out to me. I may not always be able to get back to you straight away, but I will engage and I'll assist in any way possible.

Outro:

If you enjoyed this episode, be sure to subscribe, like and share so you're notified when a new episode is released.

Outro:

Remember to join the Privacy Pros Academy Facebook group where we answer your questions.

Outro:

Thank you so much for listening. I hope you're leaving with some great things that will add value on your journey as a World Class Privacy Pro.

Outro:

Please leave us a four or five star review.

Outro:

And if you'd like to appear on a future episode of our podcast or.

Outro:

Have a suggestion for a topic you'd like to hear more about, please send.

Outro:

An email to team@kazient.co.uk

Outro:

Until next time, peace be with you.

Show artwork for Privacy Pros Podcast

About the Podcast

Privacy Pros Podcast
Discover the Secrets from the World's Leading Privacy Professionals for a Successful Career in Data Protection
Data privacy is a hot sector in the world of business. But it can be hard to break in and have a career that thrives.

That’s where our podcast comes in! We interview leading Privacy Pros and share the secrets to success each fortnight.

We'll help guide you through the complex world of Data Privacy so that you can focus on achieving your career goals instead of worrying about compliance issues.
It's never been easier or more helpful than this! You don't have to go at it alone anymore!

It’s easy to waste a lot of time and energy learning about Data Privacy on your own, especially if you find it complex and confusing.

Founder and Co-host Jamal Ahmed, dubbed “The King of GDPR” by the BBC, interviews leading Privacy Pros and discusses topics businesses are struggling with each week and pulls back the curtain on the world of Data Privacy.

Deep dive with the world's brightest and most thought-provoking data privacy thought leaders to inspire and empower you to unleash your best to thrive as a Data Privacy Professional.

If you're ambitious, driven & highly motivated, and thinking about a career in Data Privacy, a rising Privacy Pro or an Experienced Privacy Leader this is the podcast for you.

Subscribe today so you never miss an episode or important update from your favourite Privacy Pro.

And if you ever want to learn more about how to secure a career in data privacy and then thrive, just tune into our show and we'll teach you everything there is to know!

Listen now and subscribe for free on iTunes, Spotify or Google Play Music!

Subscribe to the newsletter to get exclusive insights, secret expert tips & actionable resources for a thriving privacy career that we only share with email subscribers https://newsletter.privacypros.academy/sign-up

About your host

Profile picture for Jamal Ahmed FIP CIPP/E CIPM

Jamal Ahmed FIP CIPP/E CIPM

Jamal Ahmed is CEO at Kazient Privacy Experts, whose mission is safeguard the personal data of every woman, man and child on earth.

He is an established and comprehensively qualified Global Privacy professional, World-class Privacy trainer and published author. Jamal is a Certified Information Privacy Manager (CIPM), Certified Information Privacy Professional (CIPP/E) and Certified EU GDPR Practitioner.

He is revered as a Privacy thought leader and is the first British Muslim to be awarded the designation "Fellow of Information Privacy’ by the International Association of Privacy Professionals (IAPP).