The Data Privacy and Protection department, under the Group Data Protection Officer (Group DPO) who in turn reports to the Group Chief Risk Officer (CRO), is part of the Group Risk Functions within BNP Paribas acting as a 2nd Line of Defence (LoD). With a multidisciplinary team (e.g. management, legal, IT) integrated in the RISK ORC ICT - Global CoE, this department has the responsibility for Group-wide approach of key data privacy and protection topics and for coordination of activities for DPOs at Group level.
The Data Protection Security and IT Coordinator will assist with the implementation, management and monitoring of the data privacy and protection strategy and the creation and roll-out of policies, guidelines, and data protection awareness training.
Data Protection Security and IT Coordinator will have special focus into the IT and Cybersecurity aspects of the GDPR and Data Protection, including technology, IT processes and Cyber-Security architectures.
Moreover, will identify and manage risks related to data privacy and protection, and escalate risks and issues to executives, as needed.
Will coordinate and oversight of activities in relation to the following:
• Master's or equivalent degree in IT Risk/ Cybersecurity field or relevant experience.
• Previous experience and expertise in national and transnational data privacy laws (e.g. GDPR, HIPPA, DPAct, POPI), regulations and practices.
• Good knowledge of ICT topics
• Certified professional certifications in the information security sector, such as ISO27001, CISSP, CISA, GCCC, CISM, CRISC, among other
• Role model, promotion of a culture of good conduct and contribution to maintaining such a culture
• Proactivity, transparency and clear accountability for the determination and management of behavior risks
• Excellent skills in problem solving, presentation and consultation
• Teamwork with peers and management
• Strong project management skills, pragmatism and level of report
• Exceptional communication skills, both written and oral.
• Understanding of data processing operations, including business applications and data use.
• Understanding of cross over between legal, IT and data security requirements.
• Experience of promoting a data privacy culture of awareness and understanding (preferably within a Bank).
• Experience of developing and accessing privacy policies and controls that minimize risk and ensure compliance.
• Experience of responding to potential privacy incidents, to mitigate risk, determine reporting requirements, and developing corrective action plans when needed.
• Experience and expertise in national and transnational data privacy requirements and practices.
• Demonstrated leadership and problem-solving skills, and ability to work under pressure.
• Experience of communicating effectively with the highest levels of management and decision-making individuals within the organization.
• Familiarity with privacy and security risk assessment, best practices and gap analysis, privacy certifications/seals, and information security certifications.
• Team-player such that focus on the success of the team. Working well both with others, as well as individually, in a multicultural and multidisciplinary context.
• Fluent in English.