I just landed a privacy job with a software company. Transitioning out of being an attorney in a program manager role. It is a little long, but gives you an idea of what I did. Towards the end of 2020, the California Lawyers Association sent out a message that they were offering a free membership to the Privacy Law Section, so I accepted it. I began looking into things and I saw that they published articles. I read some and reached out to one of the more regular contributors and spent like an hour on the phone with him (good guy, now runs the Privacy Section Publications Section). He recommended I do the CIPP/US first because it would really help me figure out if I liked privacy and data law because it wouldn’t be too draining in terms of understanding the system and laws compared to the CIPP/E which is different from the US legal system that we are both familiar with. Good thing is the CIPP/US book touches on EU stuff, which helps gain a high level overview. I joined the IAPP in March 2021, got my CIPP/US in July 2021, and right after, I began networking on LinkedIn like crazy. After networking and talking to people, I was able to join the California Lawyers Association Privacy Section's Publications Section and have been writing for them since August 2021. I have done one article each month since then. I kept networking the whole time, reaching out, doing continuing legal education geared towards privacy (Lawline has a lot of these but it does cost, but I found it worth it). The IAPP does a ton of networking and webinars too, and I have used that to network and reach out to people. The whole time, I just kept applying for jobs and interviewing. I got shot down a lot because I lacked practical experience, but a company took a chance on me and I got a job. Regarding training, you definitely don’t need to do the IAPP trainings, but there are a couple of trainings that are helpful outside of the IAPP. For example, I used LinkedIn Learning (comes with the LinkedIn membership, which I find to be super useful: (1) Prepare for the Certified Information Privacy Professional (CIPP/US) Exam - I used this for my CIPP/US on top of reading the text, outlining, and reviewing my outlines. (2) GDPR Compliance: Essential Training - Used this for CIPP/E. I also used some non-IAPP created practice exams by Jasper Jacobs Jaspers to practice for the CIPP/US and E. It isn’t an IAPP approved practice exam, but I did find it helpful for both exams. For CIPP/C, I imagine it would all work the same. I'm currently working on my CIPM.

Just buy the official IAPP book, review the exam blueprint, and exam outline, which are free, and you’re almost 90% there. 10% is you studying the materials.