Condé Nast is a global media company producing the highest quality content with a footprint of more than 1 billion consumers in 32 territories through print, digital, video and social platforms. The company’s portfolio includes many of the world’s most respected and influential media properties including Vogue, Vanity Fair, Glamour, GQ, The New Yorker, Condé Nast Traveler/Traveller, Allure, AD, Bon Appétit and Wired, among others.

Job Description

Location:

London, GB

Condé Nast is a global media company producing the highest quality content with a footprint of more than 1 billion consumers in 32 territories through print, digital, video and social platforms. The company’s portfolio includes many of the world’s most respected and influential media properties including Vogue, Vanity Fair, Glamour, Self, GQ, The New Yorker, Condé Nast Traveler/Traveller, Allure, AD, Bon Appétit and Wired, among others.

Condé Nast is a global media company, home to iconic brands including Vogue, GQ, Glamour, CN Traveller, Vanity Fair, Wired, The World of Interiors, House & Garden and Tatler, among many others. We are headquartered in New York and London and operate in 32 markets worldwide, with a footprint of more than 1 billion consumers across print, digital, video and social platforms. 

Condé Nast thrives on collaboration, and our teams come together in the office four days a week (Monday - Thursday). We value diversity of background, views and cultures. We celebrate people for their personal qualities, skills and contributions, recognising the power our brands have to influence and shape culture. The cross-functional Data Governance function, in which the role sits, is an integral part of our overall business strategy, helping us to generate value through the use of our first party data in line with regulatory compliance.

Purpose

The Data Governance team supports Technology and Legal in initiatives that increase trust in and utility of data at Condè Nast, to ensure internal and regulatory compliance while driving operational excellence.

The Data Governance & Privacy Analyst will work in a dynamic team responsible for delivering operational initiatives that drive data privacy and compliance. Initial responsibilities involve contributing to the development and subsequent iterations of a roadmap for effective data mapping and lineage capabilities, in order to establish comprehensive and trustable repositories that align our understanding of information flows across Condé Nast and enable efficient handling of DSR (data subject request), generation of ROPA (record of processing activities) and DPIA (data protection impact assessment) documents by Legal.

You will contribute to the delivery of data mapping and curation, ensuring that outputs are fit for purpose and have appropriate governance operating models in place to promote quality, freshness and access. You will manage projects end-to-end and use SQL and broad knowledge of the digital marketing landscape to describe and depict our data flows in formats that are aligned with US and global regulatory compliance standards and guidelines, as well as to provide up-to-date standardised understanding across Technology, Commercial, Legal and other departments.

Your role is pivotal in helping Condé Nast develop its privacy programme maturity, efficiency and reporting on status, including remediation of gaps and special projects. You will support programmes, playbooks and standard operating procedures for privacy compliance processes. Your role will require working with internal and cross-functional teams globally. You will leverage cross-domain expertise to collaborate with various teams and stakeholders on complex and sensitive data privacy initiatives. In particular you will collaborate with the Data & Technology Legal team to translate legal requirements into privacy programme deliverables and processes.

The role is responsible for supporting data privacy, which, in collaboration with Legal, works to address:

• development of data privacy best practices, including workflows
• documentation of first and third party data use and flows
• proactive minimisation of data-related risks through compliant analytics
• solving for data quality through privacy-first approaches

Responsibilities:

• Lead technical privacy reviews across websites, mobile apps and backend services. Assess data collection, tracking technologies and third party integrations at code and network level, including cookies, pixels, SDKs, APIs and JSON payloads.
• Own end to end data mapping. Document and maintain accurate records of data flows, data elements, systems and vendors. Keep records of processing activity current and aligned with regulatory requirements across markets.
• Run compliance scanning and monitoring using tools such as Privado, Didomi and ObservePoint. Validate consent signals, tag behaviour and data transmission. Investigate gaps and drive remediation with engineering teams.
• Support consent management. Review and test consent platforms, ensure correct implementation of consent modes and frameworks such as TCF. Confirm that user choices control data collection and downstream processing.
• Handle data subject rights workflows. Support intake, validation and fulfilment of DSARs, deletion and access requests. Work with engineering and data teams to locate, extract and erase data across systems within legal timeframes.
• Prepare regulatory responses. Gather evidence, produce clear documentation and support Legal and Data Protection teams in responding to regulators, audits and internal reviews.
• Conduct privacy risk assessments. Review new and existing products, features and vendors. Identify risks in data use, cross border transfers and retention. Recommend practical controls and track mitigation.
• Audit data processing and sharing. Verify that analytics, advertising and third party data flows match declared purposes, contracts and consent states. Monitor ongoing compliance and report breaches or deviations.
• Define and enforce data governance standards. Maintain data classifications, naming standards and schema controls. Ensure consistent use of identifiers, events and attributes across platforms.
• Partner with Engineering, Product and Legal. Translate regulatory requirements into technical tasks. Guide implementation and verify outcomes through testing and inspection.
• Maintain documentation and training. Produce clear guidance on tracking, consent, data handling and privacy by design. Train teams on correct implementation and common failure points.
• Support vendor governance. Review third party technologies, assess data collection and transfers, ensure contracts and configurations meet privacy requirements.

Skills and Experience

• At least 3 years of experience in data privacy, data governance or ad tech within digital media or platform environments, with direct exposure to web and mobile data collection.
• Strong technical understanding of how websites and apps work. Ability to inspect cookies, tags, pixels, SDKs, APIs and JSON payloads using browser and network tools.
• Proven experience conducting technical privacy reviews and audits. Ability to trace data flows from front end collection through to backend systems and third party vendors.
• Hands on experience with data mapping and records of processing. Ability to produce and maintain accurate, system level documentation of data elements, flows and purposes.
• Working knowledge of consent management platforms and frameworks such as TCF. Ability to validate consent signals and ensure correct enforcement across analytics and advertising technologies.
• Experience supporting data subject rights processes, including DSARs, access, deletion and portability. Ability to locate and retrieve data across distributed systems.
• Familiarity with compliance monitoring tools such as Privado, Didomi, ObservePoint or similar. Ability to interpret scan results and drive remediation with technical teams.
• Strong knowledge of US privacy laws including CCPA and CPRA, with working knowledge of GDPR and other global frameworks. Ability to translate legal requirements into technical controls.
• Experience in regulatory response and audit support. Ability to gather evidence, document findings and support responses to internal and external reviews.
• Understanding of data governance practices including schema design, data standards and classification. Ability to enforce consistency across tracking and analytics implementations.
• Clear communication skills. Ability to explain technical data flows and risks to Commercial, Product and Engineering. Strong analytical skills and attention to detail. Ability to investigate discrepancies in data collection and consent.
• Able to manage multiple workstreams in a fast moving environment, maintain clear structure and prioritisation, and preserve accuracy and control across documentation and review work despite shifting demands and ambiguity.

What happens next?

If you are interested in this opportunity, please apply below, and we will review your application as soon as possible. You can update your resume or upload a cover letter at any time by accessing your candidate profile.

Condé Nast is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, age, familial status and other legally protected characteristics.