Overview Make an impact with NTT DATA. The Data Privacy Specialist, reporting into the NTT DATA, Inc. Group Global Data Privacy Center of Excellence, will be responsible for supporting the effective operation of NTT DATA Inc. Group’s global Data Privacy program by managing personal data breach response activities, data subject requests and central data privacy enquiries. The role is responsible for ensuring timely, accurate, and regulator defensible handling of privacy matters, working closely with Legal, Office of Information Security (OIS), IT, People and Culture (P&C), Data Protection Officers (DPO) and business stakeholders to ensure compliance with applicable data protection laws and internal standards. Key Responsibilities Coordinate the global intake, triage, and coordinated management of actual or suspected Data Privacy Incidents, including Personal Data Breaches, unauthorized processing, and other privacy non‑compliance. Perform an initial assessment and classification of incidents (Minor, Major, Critical) by collecting, validating, and documenting incident information provided by Incident Management Teams and business stakeholders. Perform and document Minor risk assessments, including assessment of potential harm to Data Subjects and identification of applicable notification obligations under relevant Data Protection Legislation; support Major and Critical incidents with Incident Management Teams. Coordinate with Legal, DPOs, Incident Management Teams, and business stakeholders to support the preparation, review, execution, and evidence retention of required notifications to Clients, Data Subjects, Data Protection Authorities, and other stakeholders, where required. Maintain comprehensive breach registers, investigation records, and decision rationales on OneTrust to support audit, regulatory review, and accountability obligations. Contribute to the ongoing improvement of Incident Management Process, including development of templates, and standard operating procedures. Support the preparation of Incident metrics, trend analysis, and reporting to demonstrate compliance and inform continuous improvement. Data Subject Requests (DSR) Management Manage and coordinate the end‑to‑end intake, triage, investigation, and response to Data Subject Requests (DSRs), including access, correction, deletion, restriction, objection, portability, and consent withdrawal requests in line with applicable data protection laws and internal policies and procedures. Work closely with IT, Legal, P&C, Marketing, OIS, DPOs and business stakeholders to identify relevant systems, data sources, and records required to fulfil DSRs accurately and within statutory timelines. Assess the validity, scope, and complexity of requests, applying exemptions and limitations where appropriate, escalating complex or high‑risk matters to DPOs or legal stakeholders and ensuring requests are handled in a fair, lawful, transparent, and secure manner. Ensure that all DSR activities, decisions, consultations, and outcomes are documented, logged, and retained in accordance with record keeping and confidentiality requirements. Contribute to the ongoing improvement of DSR, including development of playbooks, templates, and standard operating procedures. Support the preparation of DSR metrics, trend analysis, and reporting to demonstrate compliance and inform continuous improvement. Global Data Privacy Inbox Management Monitor and manage the central Global Data Privacy group inbox, acting as a first point of contact for DSR and Incidents requests and assign the other privacy requests to the other privacy areas. Ensure timely, consistent, and well documented responses, aligned to global Data Privacy policies, standards, and approved guidance. Identify recurring themes, pain points, and knowledge gaps in queries to inform updates to guidance materials, training, and process enhancements. Knowledge, Skills and Attributes Demonstrates a high level of accuracy, thoroughness, and attention to detail, particularly when handling sensitive personal data and regulatory‑driven activities. Strong analytical and critical thinking skills, with the ability to assess privacy risk, impact to individuals, and regulatory obligations. Pragmatic, risk‑based approach to data privacy, balancing compliance requirements with operational realities. Strong written and verbal communication skills, with the ability to produce clear, structured, and defensible correspondence and documentation. Ability to manage high‑volume, time‑critical casework (e.g., DSRs, incidents, enquiries) while meeting statutory and internal timelines. Comfortable working in fast‑paced, high‑pressure environments, including live incident and breach response situations and supporting global activities that may require outside standard working hours. Strong organizational and case management skills, with the ability to prioritise competing requests and escalate issues appropriately. Demonstrated ability to work independently with minimal supervision, while aligning to defined policies, procedures, and escalation paths. Proven ability to work effectively with cross‑functional stakeholders across regions and cultures. High level of professional judgement and discretion, with a strong understanding of confidentiality and need‑to‑know principles. Sound knowledge of global data protection laws and regulatory requirements, particularly regarding data subject rights and personal data breaches. Operates with a high degree of integrity and accountability, recognizing the sensitivity and regulatory impact of the role. Qualifications Bachelor’s degree or equivalent; CIPP, CIPM or CIPT (Preferred). Experience: 3-5 years’ experience in Data Privacy or related fields; experience supporting or managing Data Subject Requests (DSRs) and/or personal data breach and incident response activities; experience working with large, multinational organizations; experience supporting compliance or operational governance activities (e.g., case management, issue tracking, reporting); experience in telecommunications, technology and/or professional services (preferred); experience using privacy management or GRC tooling such as OneTrust and/or 6clicks (preferred). What will make you a good fit Strong interest in and commitment to Data Privacy and Data Protection, with awareness of evolving global regulatory expectations. Able to communicate clearly, professionally, and confidently with internal and external stakeholders at all levels. Comfortable working in a globally distributed environment, interfacing with multiple cultures, regions, and time zones. Strong analytical mindset, sound judgement, and ability to work independently within defined processes. Highly effective in time and workload management, with the ability to manage competing priorities and statutory deadlines. Resilient and composed under pressure, particularly during time‑critical response activities such as live incidents or breach response. Takes ownership of work, follows through on actions, and understands the importance of accuracy, confidentiality, and audit‑ready documentation. Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world’s leading AI and digital infrastructure providers, with capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to an ecosystem of innovation centers and established and start‑up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in R&D. Equality statement and notices: NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Third parties fraudulently posing as NTT DATA recruiters; NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process. All email communications from an NTT DATA recruiter will come from an @nttdata.com email address. If you suspect any fraudulent activity, please contact us. #J-18808-Ljbffr