Governance Risk and Compliance Expert
No salary information
Senior · Full-time
#379013 · Added today
Source: LinkGroup
Tech Stack / Keywords
Security, SOLID, Network, Cloud, SIEM
Requirements
- Hold at least three (3) active certifications from the following or direct industry equivalents: CISA, CISM, GSNA, GCCC, CISSP-ISSMP, GIAC Certified ISO-27000 Specialist, ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, ISO 27005 Risk Manager, CRISC, CAP ((ISC)²).
- 5+ years in Data Protection with experience in privacy compliance in high-tech environments (ICT, EU institutions, public sector, or tech-heavy enterprises).
- 3+ years in Privacy Documentation preparing, mapping, and validating RoPAs, DPIAs, and DPAs with inputs from system owners, SOC teams, and network architects.
- 2+ years in Technical Auditing analyzing technical arrangements including privileged access rights, data transfers, hosting architectures, and subcontractor data flows.
- Exceptional analytical problem-solving skills to work with incomplete or conflicting IT information and identify technical compliance gaps with minimal supervision.
Responsibilities
- Align complex IT and cloud operations with European data privacy standards, laws, and regulations.
- Conduct and review comprehensive DPIAs (Data Protection Impact Assessments) and maintain precise Records of Processing Activities (RoPAs).
- Analyze data flows, verify access control logs, review SIEM exports, and audit data retention schemes to ensure "likely technical reality" matches declared policies.
- Provide expert counsel on data protection agreements (DPAs), Transfer Impact Assessments (TIAs), and third-party vendor management.
- Act as the primary point of contact for data privacy inquiries, complaints, and external audit cooperations.
- Design, implement, and deliver engaging privacy awareness training programs for staff to foster a proactive security culture.