Personal Data Protection Legal Counsel

The worldwide leader in developing, managing and delivering a unique array of On-Site Services, Benefits & Rewards Services as well as Personal and Home Services is hiring!

Join the great team of this competitive employer (Bucharest offices) and take the opportunity to work in a fulfilling and stable environment.

Open position: Personal Data Protection Legal Counsel

Job description:

Provide legal and commercial advice and solutions for the company in the areas of data protection;

Lead on all aspects of data protection requirements under applicable data protection law, including the General Data Protection Regulations (GDPR);

Ensure confidentiality of all information and data managed.

Responsibilities:

• Ensure legal compliance with evolving data protection law that impacts a diverse business (especially GDPR);
• Implements a work schedule to ensure that the company meets all GDPR requirements;
• Locating, adapting, updating and harmonizing Group’s data protection procedures, integrating data protection aspects in company’s workflows, monitoring and evaluating their implementation;
• Assessment of protection risks and compliance requirements in company’s projects;
• Keeps up-to-date information from the group systems on reporting data protection processes for the group companies;
• Provide ongoing training to company’s employees, support data protection awareness campaign;
• Conduct new iterations of data mapping for GDPR compliance;
• Support new iterations of IT data security assessments;
• Suggest and provide specifications for enhancements to business processes aiming to reduce data security risks;
• Support data security certification audits, internal audits, authorities’ audits regarding data privacy aspects;
• Conduct on a regular basis an independent review of the access rights from data privacy perspective;
• Draft and negotiate data protection provisions into contracts to be signed with clients, merchant and suppliers;
• Answer to the data protection requests addressed by clients and data subjects;
• Investigate, document and report data security breaches;
• Conduct/ support data protection impact assessments;
• Report to Group’s DPO and data protection governance committees;
• Provide support on any data protection related matter to other Group’s local companies.

Requirements:

• Studies: Law university degree;
• Proven experience in data protection law and practice Experience in risk assessment or internal control is value added;
• Proven operational experience in the operational implementation of compliance and audit processes regarding the data protection;
• Strong communication and relationship management skills and proven ability to create networks; and build influence and advocacy across different businesses and stakeholder groups;
• Analytical thinking and decision-making skills; able to analyses complex situations by looking at multiple causes and effects so that resources are focused in the right areas;
• Effective presentation skills, written and oral communication skills. Capacity to make the legal information easy to understand by different audiences;
• Project, leadership and change management skills;
• English – advance written and spoken;
• Autonomous on work/resource allocation – operational tasks;
• Team spirit;
• Good organizing sense;
• Objectives oriented;
• Rigor and attention to details;
• Working under stress;
• Good understanding of IT&S processes;
• Ability to perform data mapping iterations.