Governance Risk and Compliance Expert

Brak informacji o wynagrodzeniu

SeniorFull-time

#379013·Dodano dziś·0

Źródło: LinkGroup

Tech Stack / Keywords

SecuritySOLIDNetworkCloudSIEM

Hold at least three (3) active certifications from the following or direct industry equivalents: CISA, CISM, GSNA, GCCC, CISSP-ISSMP, GIAC Certified ISO-27000 Specialist, ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, ISO 27005 Risk Manager, CRISC, CAP ((ISC)²).
5+ years in Data Protection with experience in privacy compliance in high-tech environments (ICT, EU institutions, public sector, or tech-heavy enterprises).
3+ years in Privacy Documentation preparing, mapping, and validating RoPAs, DPIAs, and DPAs with inputs from system owners, SOC teams, and network architects.
2+ years in Technical Auditing analyzing technical arrangements including privileged access rights, data transfers, hosting architectures, and subcontractor data flows.
Exceptional analytical problem-solving skills to work with incomplete or conflicting IT information and identify technical compliance gaps with minimal supervision.

Align complex IT and cloud operations with European data privacy standards, laws, and regulations.
Conduct and review comprehensive DPIAs (Data Protection Impact Assessments) and maintain precise Records of Processing Activities (RoPAs).
Analyze data flows, verify access control logs, review SIEM exports, and audit data retention schemes to ensure "likely technical reality" matches declared policies.
Provide expert counsel on data protection agreements (DPAs), Transfer Impact Assessments (TIAs), and third-party vendor management.
Act as the primary point of contact for data privacy inquiries, complaints, and external audit cooperations.
Design, implement, and deliver engaging privacy awareness training programs for staff to foster a proactive security culture.

linkgroup

344 aktywne oferty