Data Protection (GDPR) associate
1. Policies and Procedures
- participate to the drafting and implementation of the group policies and guidelines on data protection;
- monitor actual implementation and compliance with policies, contractual obligations and applicable laws and regulation (audits, etc.);
- maintain the data processing register for controller activities;
- participate to the review and implementation of the group IT and security policies in coordination with the IT/CSO functions.
2. Risk assessment and mitigation
- define the implementation program of privacy by design measures for data controllers’ and data processors’ activities;
- assist business owners in conducting privacy impact assessment for controller and processor activities;
- participate in the management of data breaches with the support of the cybersecurity organisation and monitor the data subjects’ rights handling procedure.
3. Culture and communication
- key contact person and good relationship with the competent data protection authority;
- deliver training to all functions and business teams;
- create and animate a local privacy champion organisation in all functions and business units;
- raise awareness via internal communications and present the company externally as DPO (external events);
- participate to workstreams in a global data protection network.
Language:
- English, French would be recommended.
Applications:
- Good working knowledge of MS Office (Visio and Excel).
Other:
- Good problem solving and presentation skills;
- Good knowledge of Project Management methodology and ITIL framework and processes;
- Good team player with an ability to become a coach;
- Fast learner who enjoys and embraces change being driven by the strive by continuous improvement;
- Mobility within geography (flexible to travel).