Data Protection Officer DPO

We are seeking a highly skilled and experienced Data Protection Officer (DPO) who will be responsible for ensuring that our company is in compliance with data protection laws and regulations and for education our employees on data protection best practices.

The role is placed in our second line CRO function and your responsibilities will also involve acting as an independent control function regarding operational risk management with a focus on ICT risk.

The ideal candidate will have a deep understanding of data protection laws and regulations and a general knowledge about ICT risks to be able to control and challenge the first line operational risk activities.

Key Responsibilities:

• Serve as the main point of contact within the organization for staff members regulators and relevant public authorities on issues related to operational risk management and data protection.
  
• Ensure that company policies are in compliance with codes of practice such as GDPR (General Data Protection Regulation).
  
• Evaluate the existing data protection framework to identify areas of no or partial compliance and rectify any issues.
  
• Devise training plans and provide data protection advice to staff members.
  
• Inform and advise the data controller or data processor on all matters related to data protection.
  
• Promote a culture of data protection and compliance across all units of the organization.
  
• Monitoring and controlling that our operational risks such as ICT and security risks are identified measured assessed managed monitored and reported.
  
• Ensure that company policies and processes are in compliance with relevant frameworks such as DORA and EBA Guidelines on ICT and security risk management.
  
• Develop and maintain operational risk management policies and procedures and support the organization with implementation thereof.
  
• Work with senior management to identify potential threats and develop strategies to mitigate any negative consequences.

Qualifications and Experience:

• Bachelors degree in economics lawor a related field.
  
• At least 3 years of experience in data protection compliance or a related field.
  
• Experience in operational risk management ICT Risk Management or similar.
  
• Expertise in data protection laws and regulations including GDPR.
  
• Excellent organizational communication and management skills.
  
• Ability to lead training sessions and workshops for staff members.