Data Protection Officer
Global company seeks an experienced and highly motivated privacy and data protection professional to fill the role of EU Data Protection Officer (“DPO”) . Client is committed to the data protection and privacy of the customers and merchants that use its services globally. This position will play a crucial role in ensuring compliance with European and national data protection legislation, including the EU’s General Data Protection Regulation (“GDPR”) that becomes applicable in May of 2018.
The DPO will be involved in all issues relating to the protection of personal data. In particular, the DPO will, in accordance with Article 39 of the GDPR, be responsible for:
- Monitoring and reporting on compliance with the GDPR, withother European and national data protection legislation, and company data protection policies and procedures related to the same, including by conducting related audits and assigning monitoring responsibilities.
- Serving as company’s point of contact with the relevant Data Protection Authorities.
- Advising client, where requested, regarding data protection impact assessments.
- Coordinating withHR in the development of policies, procedures, and practices for job applicants and staff.
- Risk-based analysis, taking into account the nature, scope, context, and purpose of Company’s processing.
- Responding to communications from company’s customers and employees regarding the processing of their personal data and the exercise of their individual data protection rights under the GDPR.
- Participating in relevant working groups dealing with data processing activities, including participating regularly in meetings of middle and senior management.
- Conducting awareness raising activities and training company employees on data protection and privacy.
- Preparing annual reports of DPO activities.
- Creating inventories and maintaining up-to-date records of processing operations.
- Monitoring data protection and privacy enforcement actions and guidance, including from the Article 29 Working Party and member countries.
- 5+ years relevant working experience and proven record working in house with privacy and data protection issues for multinational organizations
- Proven experience of proactive management of global compliance frameworks and of providing training on compliance frameworks
- Expert knowledge of data protection law and privacy practices, including familiarity with national and European data protection laws and practices as well as in-depth knowledge of the GDPR
- Proven record of successfully engaging with Data Protection Authorities and other regulators on matters concerning data protection compliance
- Excellent written and interpersonal communication skills
- Demonstrated ability to work in a fast-paced environment, prioritizing conflicting demands from multiple business clients, and to make sound decisions on tight deadlines
- Demonstrated ability to find practical, creative, and cost-effective solutions to data protection and privacy issues
- Demonstrated leadership across multiple business functions to deliver strategic results and experienced at presenting to executive management at the highest levels
- Demonstrated knowledge of information technology, data security, and incident response
- Experiencewith customer-facing e-commerce
- Strong background in drafting and negotiating appropriate privacy and security provisions in vendor contracts
- Excellent academic credentials, advanced degree or lawdegreepreferred but not required
- FIP, CIPP/E, and/or CIPM certifications
- English fluency required