Remotery

Governance Risk and Compliance Expert

Posted 14 hours ago

This is a fully remote position, open to applicants in Poland.

📋 Description

• Ensure that IT operations adhere to data privacy and protection standards, laws, and regulations.

• Support the design, implementation, auditing, and compliance testing initiatives to guarantee data and privacy compliance.

• Identify, document, and recommend countermeasures for any compliance gaps that may arise.

• Provide guidance on data protection issues, particularly regarding the processing of personal data.

• Conduct privacy impact assessments.

• Draft and/or review records of processing activities related to personal data for data controllers and privacy statements.

• Develop, sustain, communicate, and educate stakeholders on data privacy policies and procedures.

• Offer legal advice and direction on data privacy and protection standards, laws, and regulations.

• Promote and enforce the organization's data privacy and protection program.

• Ensure that data owners, holders, controllers, processors, subjects, and both internal and external partners are informed of their rights, obligations, and responsibilities regarding data protection.

• Serve as a point of contact for managing inquiries and complaints related to data processing.

• Oversee audits and training activities related to data protection.

• Collaborate and exchange information with authorities and professional organizations.

• Contribute to the formulation of the organization’s strategy, policies, and procedures.

• Develop and propose training for staff to enhance compliance and promote a culture of data protection within the organization.

• Manage the legal aspects of information security responsibilities and relationships with third parties.


⛳️ Requirements

• Master's degree coupled with 5 years of professional experience in a relevant IT field.

• At least 4 years of experience in a similar role.

• Minimum English language proficiency (CEFR): C1.

• A minimum of 3 certifications from the following (mandatory): CISA, CISM, GSNA, GCCC, ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, ISO 27005 Risk Manager, CAP, CRISC, CISSP-ISSMP, GIAC Certified ISO-27000 Specialist, or equivalent internationally recognized certification (subject to acceptance as a valid credential by the Contracting EU-I).

• A minimum of 5 years of experience in personal data protection compliance within an ICT, EU institutional, public-sector, or similarly technology-intensive environment.

• At least 3 years of hands-on experience in preparing, updating, or reviewing RoPAs, DPIAs, DPAs, TIAs, or related personal data protection documentation for actual systems or processing activities.

• At least 2 years of experience in analyzing and documenting technical arrangements pertinent to personal data protection, including access rights, privileged access, logs or SIEM/log exports, retention, hosting, data flows, support access, transfers, processors, or subprocessors.


🏝️ Benefits

• Employees have the option to work remotely.
