Data Protection Expert

In the Data Protection Governance Risk & Control Teamwe are expected to:

• Supports the ESA-DPO in maintaining the records of processing activities providing data protection assessments and impact analysis data subject requests processing:
  • Manage end to end process analysis whenever personal data is involved
  • Provide support to the relevant person in completing the Personal Data Protection (Impact) Assessment.
  • Ensure all processing activities involving personal data are registered and documented as expected by the Personal Data Protection framework.
  • Provide support to the Data Protection Office on Data Subject Request (DSR) process management and Data Breach investigation management.
  • Partner with representatives of IT Data Protection Office Risk Audit and other key business teams to advance personal data protection initiatives.
  • Develop a high-level of trust with stakeholders to ensure on-going commitment.
  • Promote and enhance the appropriate level of awareness of the Personal Data Protection framework (Awareness & Training)
  • Foster a team environment open to communication and collaboration.
  • Require the implementation of the GDPR controls to the process owners with the control objectives to meet.
  • Monitor the implementation of these controls and collect the evidence of the control effectiveness and log and follow-up on gaps identified
• Define and oversee implementation of Asset Classification processes and report on it.
• Design the cyber-security data protection controls by producing deliverables such as standards policies requirements market benchmarks and feasibility studies.
• Assess a security risk from both from a functional and a technical perspective.
• Require the implementation controls with the control objectives to meet.
• Monitor the implementation of these controls to the data sources.
• Collect the evidence of the control efficiency and produce attestations upon request from internal/external auditors and regulators.
• Oversee a catalogue of data security services and a portfolio of projects to develop and improve capabilities such as Data Leakage Prevention (DLP) Microsoft 365 Security & Compliance (Defender & Purview) data encryption anonymization.
• Contribute to raising awareness of stakeholders like data and application owners.
• Support projects teams and provide general consultancy on data protection.

In this context the collaboration is crucial with the different teams involved in security and risk management:

• Partner with representatives of Cyber-Security IT Risk Audit and other key business teams to advance data protection initiatives.
• Develop a high-level of trust with stakeholders to ensure on-going commitment.
• Foster a team environment open to communication and collaboration.

Our part of the deal:

• You will benefit from highly knowledgeable person training on the job
• You will be part of the Data Protection Services Tribe and contribute to the Diamond Strategy implementation
• You will be in charge and responsible to run the service review SOPs monitor your activity through right set of KPI while embracing fully the Agile methodology
• Provide training means to achieve certification on the field of Cloud GDPR AI.

Qualifications skills and experience:

A combination of several of the below should be covered:

• IT security professional with proven experience in cybersecurity application security data security and/or data protection.
• Experience in risk analysis and control efficiency assessment.
• Knowledge of standard control frameworks like ISO 27001/27002 NIST Cybersecurity Framework CIS TOP 20
• Knowledge of regulatory and sector frameworks like SWIFT CSCF FISR GDPR ...
• Cybersecurity training and certification like CISSP CISA SSCP GSEC SANS or equivalent is a plus.
• Proficient oral and written communications skills in English.

Interpersonal Skills:

• Driven and energetic with an entrepreneurial attitude and a hands-on mentality.
• Curious and able to see the bigger picture when facing challenges.
• Proactively works to prevent impediments from affecting the teams overall functioning ensuring successful solution delivery.
• A team player capable of thriving in a dynamic organizational environment that combines both agile and waterfall methodologies.
  
  #LI-NS1