Privacy Expert, Global Privacy - Global DPO Office, Information Security & Privacy Governance Department (ISPD)

Job Description:

Business Overview

The Technology Management Division (TMD) provides corporate IT, cyber security, and privacy governance to Rakuten Group companies and essential business management for technology organizations, thereby enabling innovation and strengthening its technology foundation. Within TMD, the Information Security Supervisory Department (ISSD) combines proactive cyber defense with strategic information security, privacy, and data governance to protect the company’s global assets and data.

Department Overview

The Information Security & Privacy Governance Department (ISPD) enables and accelerates business growth by establishing, maintaining, and enhancing robust information security, privacy, data, and AI governance frameworks across the Rakuten Group. We ensure Rakuten's global operations are secure, compliant, and innovative by adhering to regulatory requirements, providing comprehensive employee training, strategically managing data assets, and governing AI responsibly.

Position:

Why We Hire

At Rakuten Group, we believe privacy is more than a regulatory hurdle - it is a fundamental pillar of user trust. As our global ecosystem of services continues to expand and the landscape of global privacy law grows increasingly complex, we are building a dedicated team at the intersection of law, technology, and innovation. We are looking for passionate, challenge-driven experts who are skilled at translating complex global regulations into scalable, privacy-first solutions to join us in shaping the future of privacy compliance at Rakuten Group.

Position Details

- Respond to inquiries and requests from multiple stakeholders such as the business, products & development teams.

- Translate updates to regulations into guidelines and policies that take into consideration the dynamic nature of the Group company.

- Advise on the applicability of privacy laws and develop concepts to the specific business operations.

- Respond to data breaches and data protection authorities inquiries.

- Review privacy-related contracts.

- Draft and review privacy policies, data sharing agreements, and other legal documents.

- Conducting Privacy Impact Assessments and risk evaluations, and proposing risk mitigations.

- Develop privacy strategies in accordance with business needs.

- Drive the execution and continuous improvement of internal privacy compliance programs, policies and procedures in accordance with the development of the applicable privacy laws around the world .

- Monitor privacy developments and be able to flag and interpret the impact on businesses in scope.

- Support M&A deals including due diligence review related to data privacy matters.

- Other duties as required.

Mandatory Qualifications:

- 3 years or more of Privacy-related work experience.

- Deep understanding of global privacy laws and practices, including the EU’s General Data Protection Regulation and familiarity with US legislation and case law. 

- Ability to read and understand laws, regulations, policies, guidelines and industry standards.
- Ability to translate legal requirements into concrete actions.

- Ability to review and draft privacy-related contracts.

- Strong critical and proactive thinking and complex problem solving skills.

- Ability to work independently and in team.

- Experience handling Data Subject Requests (DSRs) and incident response.

- Excellent English skills (TOEIC Score 800 or higher, or equivalent level) both in speaking and writing; Japanese language skills or the motivation to learn Japanese is a bonus.

- Strong understanding of ICT and Security, knowledge of System and Software Development Processes and Lifecycles.

- Degree in Law, IT or similar with a strong privacy focus.

- International work experience.

Desired Qualifications:

- Strong interpersonal skills.
- Friendly team player with a professional mind-set.

- Those who can think for themselves and take actions.

- Willing to work in a dynamic, multicultural and global environment where multilingual skills are a big asset.

- IAPP certification like the CIPP/E.

- Strong computer literacy, including the ability to navigate project management tools like Jira, privacy management tools like OneTrust or similar software is a plus.

- Basic understanding of the Common Law legal system would be a bonus for candidates with legal background.

- Social engagement will be considered a plus. 

- Experience of living/travelling/studying/working abroad.  

#engineer #informationsecurity #privacygovernance #technologymanagementdiv

Languages: