Descripción de la oferta
ResponsibilitiesEnsure that IT operations comply with EU data protection and privacy standards, laws and regulationsSupport the design, implementation, auditing and testing of controls to ensure data protection complianceIdentify, document and propose remediation actions for compliance gapsProvide expert advice on data protection matters, particularly in the context of personal data processing activitiesConduct Privacy Impact Assessments (DPIAs) and support risk analysis activitiesDraft and review Records of Processing Activities (RoPAs), privacy notices and related documentationDevelop, maintain and promote data privacy policies, procedures and awareness initiatives across the organisationAct as a key point of contact for data protection queries, incidents and complaintsEnsure stakeholders (data owners, controllers, processors and partners) understand their data protection obligationsMonitor audit activities and contribute to data protection training programsCollaborate with internal teams (IT, cybersecurity, operations, legal) and external stakeholders, including authoritiesContribute to the continuous improvement of organisational data protection strategy, policies and processesManage legal aspects of information security and third‑party data protection complianceRequirementsCandidates based anywhere in the European Union are welcome to applyMinimum education level: Level7 (Master)Minimum English level: C1 (CEFR)At least5years of relevant professional experience in IT/data protection, with a minimum of4years in a similar roleAt least5years of experience in personal data protection compliance in ICT, EU institutions, public sector or similar environmentsHands‑on experience (minimum3years) preparing or reviewing RoPAs, DPIAs, DPA, TIA and related documentationAt least2years of experience analysing technical environments (data flows, access management, logs, SIEM, hosting, transfers, subprocessors, etc.)Strong ability to work with incomplete or inconsistent information, identify gaps and structure actionable next stepsAt least3 recognised certifications such as CISA, CISM, CRISC, CISSP‑ISSMP, CAP, ISO27001 Lead Implementer/Auditor, ISO27005 Risk Manager, GIAC certifications or equivalentExcellent knowledge of EU data protection legislation and regulatory frameworksStrong understanding of data protection standards, policies and best practicesSolid background in IT operations, service delivery and compliance frameworksPractical experience with privacy impact assessment methodologiesAbility to align business strategy with legal and regulatory requirementsProven capability to design and implement data protection policies and proceduresExcellent communication skills with the ability to explain complex privacy topics to diverse audiencesStrong ethical mindset and ability to adapt to regulatory changesTeam‑oriented approach with strong collaboration skillsWhat We OfferPrestigious projects within European institutionsInternational, innovative, and multicultural environmentsContinuous support from a team of experts in EU projectsIn accordance with Organic Law3/2007 of March22, the company is committed to promoting the defense and effective application of the principle of equality between men and women, preventing any type of labour discrimination based on sex, and guaranteeing equal entry opportunities. The company also promotes diversity and rejects any discrimination based on race, gender, functional diversity, religion, sexual orientation, gender identity, or any other personal or social condition, striving to build an inclusive and enriching environment.
#J-18808-Ljbffr