Apply now »

Senior Associate - Cyber Data Privacy & Protection

Date:  25 Mar 2024
Service Line / Portfolios:  Cyber & Strategic Risk

Jakarta, ID

What impact will you make?

At Deloitte, we offer a unique and exceptional career experience to inspire and empower talents like you to make an impact that matters for our clients, people and community. Whatever your aspirations, Deloitte offers you a highly inclusive, collaborative workplace and unrivalled opportunities to realize your full potential. We are always looking for people with the relentless energy to push themselves further, and to find new avenues and unique ways to reach our shared goals.

So what are you waiting for? Join the winning team now.

Work you’ll do


  • Enable clients to understand the impact of privacy laws, regulations and standards/trends across their organization and develop strategies to enhance their privacy program maturity
  • Assist in the development of privacy program governance components (e.g., policies, procedures, standards, frameworks, trainings, notices) for complex global clients across industries
  • Assist clients with understanding how privacy technologies can serve as an enabler for privacy program operations and assist with deployment of leading privacy technologies
  • Assist clients in designing, deploying and managing technology and process solutions to reduce the potential of data compromise
  • Assist clients with developing technical requirements, evaluating vendor solutions, developing architecture & design, and testing of data protection and data security solutions
  • Advise clients in understanding the future state problems and challenges in cyber security and work collaboratively with them to enhance capabilities
  • Coordinate with diverse group of client stakeholders to meet their unique needs in fast-paced environments
  • Understanding of the entire ecosystem of data protection including well-rounded understanding of the information security domains and their inter-relations across that ecosystem.
  • Support the privacy practice in market expansion and revenue growth YoY

Your role as a leader

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves everyday to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. In addition to living our purpose, Senior Associates / Senior Consultants / Assistant Manager across our Firm are expected to:


  • Understand objectives for stakeholders, clients and Deloitte whilst aligning own performance to objectives and sets personal priorities.
  • Develop themselves by actively seeking opportunities for growth, shares knowledge and experiences with others, and acts as a strong brand ambassador.
  • Seek opportunities to challenge themselves, collaborate with others to deliver and takes accountability for results.
  • Build relationships and communicates effectively in order to positively influence peers and stakeholders.
  • Work effectively in diverse teams within a highly inclusive team culture where everyone is supported, respected and recognized for their contribution.




  • 2 + years of experience in assessing, designing, building, and implementing privacy programs
  • 2+ years demonstrated ability to translate business, risk and regulatory requirements into data protection solutions, and to effectively communicate those solutions to business leaders and executives.
  • Strong knowledge and awareness of domestic and global privacy laws, regulations, and standards such as the UU ITE, PP71/2019, Perkominfo No 20/2016, GDPR, ISO 27701, NIST Privacy Framework
  • Experience in facilitating privacy stakeholder interviews and working sessions
  • Demonstrated ability to build stakeholder relationships and excellent communication skills
  • Excellent communication skills and fluency in written and spoken English



  • Demonstrated experience in designing and implementing technology and process solutions to reduce the potential risk of data compromise
  • Certifications in one or more of the following: CIPP, CIPM, CIPT, FIP, CDPSE, CISM, CISSP
  • Experience with Privacy Management technology, e.g. OneTrust, Securiti, BigID, TrustArc, etc.
  • 2 + years of experience in developing, implementing, and/or operating one or more of the privacy program components such as:
    • Organization and operating model
    • Privacy requirements and control frameworks
    • Privacy metrics and reporting procedures
    • Record of processing activities / data inventory
    • Privacy policies, notices, contracts and clauses
    • Individual / data subject rights
    • Consent, preference, and cookies management
    • Third party privacy risk management
    • Cross-border data transfer mechanisms (e.g. binding corporate rules, model contracts)
    • Privacy by design/default and data privacy impact assessments
    • Privacy training and awareness
    • Privacy incident response
  • Hands on experience working with few of the following data protection technologies:
    • Data Loss Prevention (DLP) technology (e.g. Symantec DLP, Forcepoint DLP, McAfee DLP, CoSoSys, Digital Guardian)
    • Endpoint Protection and Endpoint Detection and Response technology (e.g. Crowdstrike Falcon, Cylance Protect/Optics, Microsoft Defender, VMware Carbonblack etc.)
    • Cloud Access Security Broker (CASB) technology (e.g Netscope CASB,Forcepoint CASB, McAfee CASB, Microsoft MCAS etc)
    • Secure Web Gateways and DNS Security technology (e.g. Zscaler Internet Access, Broadcom Web Security, Netskope Secure Web Gateway, Cisco Umbrella OpenDNS etc.)
    • Data Discovery, Retention and Destruction technologies (e.g. Symantec Network Discovery, Veritas Data Insight, Varonis Suite etc)
    • Data Classification and Rights Management technology (e.g. Microsoft Azure Information Protection, Boldonjames Data Classification, Titus Classification Suite etc)
    • Key and Certificate Lifecycle Management technology  (e.g Venafi Trust Protection, Vormetric Key Management etc.)
    • Public Key Infrastructure technologies (e.g. Digicert, Entrust, Verisign, RSA Security etc)
    • Data Access Governance technology (e.g. Varonis, BigID, Optiv, Netwrix, etc.)
    • Database Encryption technologies (e.g. CipherTrust, Vormetric Transparent Encryption, IBM Guardium, Fortanix etc)
  • Familiarity with consumer identity and access management concepts and solutions such as ForgeRock, SAP CDC, Okta, certification a plus
  • Familiarity with cloud technologies such as AWS, MS Azure, GCP; certification a plus
  • Strong awareness of ongoing and recent developments across the privacy landscape


Due to volume of applications, we regret only shortlisted candidates will be notified. Candidates will only be contacted by authorized Deloitte Recruiters via firm’s business contact number or business email address.



Requisition ID:  75361

In Indonesia, the services are provided by Imelda & Rekan and other related entities in Indonesia ("Deloitte in Indonesia"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Indonesia, which is within the Deloitte Network, is the entity that is providing this Website.

Apply now »