Our client is a leading European institution operating within a highly regulated and security-focused environment. To strengthen its governance and data protection capabilities, the organization is looking for an experienced Governance, Risk & Compliance (GRC) Expert to ensure compliance with European data protection regulations and embed privacy best practices across complex IT systems and business processes.
Location: Warsaw, Poland (On-site)
Employment Type: Full-time (B2B Contract)
Level: Mid-Senior Level
Work Authorization: Required for Poland (Work Authorization Support is Available for Exceptional Candidates)
Please note: A personal security clearance is required for this position.
The Opportunity
This is not a general compliance role.
Our client is looking for a hands-on GRC professional who combines strong regulatory expertise with a deep understanding of technology, data flows, and enterprise IT environments. You'll work closely with architects, cybersecurity teams, system owners, and business stakeholders to transform legal and regulatory requirements into practical, scalable compliance solutions.
What You'll Do
Ensure IT systems and business processes comply with GDPR and applicable data protection regulations
Conduct compliance assessments, audits, and gap analyses while recommending practical remediation actions
Prepare, maintain, and review Records of Processing Activities (RoPAs), Data Protection Impact Assessments (DPIAs), Data Processing Agreements (DPAs), Transfer Impact Assessments (TIAs), and related documentation
Perform privacy impact assessments for new and existing systems
Analyze technical environments, including data flows, access rights, privileged access, logging, SIEM integrations, retention policies, hosting models, and third-party processing arrangements
Advise business and technical teams on privacy, governance, and regulatory requirements
Develop and maintain data protection policies, procedures, and governance frameworks
Deliver awareness sessions and training programs to strengthen organizational privacy culture
Act as a trusted advisor for internal stakeholders, auditors, supervisory authorities, and external partners
Maintain comprehensive documentation, reports, and compliance records
Who We're Looking For
5 years of experience in data protection, privacy, or GRC within ICT, public-sector, EU institutional, or technology-driven environments
3 years of hands-on experience preparing or reviewing RoPAs, DPIAs, DPAs, TIAs, and related GDPR documentation
Experience analyzing technical environments, data flows, access controls, processors, subprocessors, and security arrangements
Strong understanding of GDPR and European data protection legislation
Ability to translate regulatory requirements into practical technical and operational solutions
Excellent analytical, documentation, stakeholder management, and communication skills
Comfortable working in structured, highly regulated environments
Fluent English (C1 or higher)
Nice to Have
CIPP/E, CIPM, CIPT, ISO 27001 Lead Implementer, or similar certifications
Legal background with a specialization in data privacy
Experience working with EU institutions, government organizations, or international public-sector projects
Knowledge of NIS2, ePrivacy, ISO 27001, or other governance frameworks
Experience collaborating with cybersecurity, SOC, infrastructure, and enterprise architecture teams
Polish language proficiency
What We Offer
Opportunity to shape governance and data protection practices within a major European institution
High-impact role working across legal, security, and enterprise technology teams
Long-term B2B engagement in a secure international environment
Challenging projects focused on privacy, governance, and regulatory excellence
Work alongside experienced compliance, cybersecurity, and enterprise architecture professionals
If you're passionate about privacy, governance, and translating complex regulations into real-world technology solutions, we'd love to hear from you...