Data Protection Risk Manager - CDD 24 mois (M/F)

  • Competitive
  • Luxembourg
  • CDI, Plein-temps
  • KBL
  • 25 mars 19

Data Protection Risk Manager - CDD 24 mois (M/F)

KBL European Private Banker, Luxembourg
CONTEXT :
The role of Group Data Protection Risk Manager is :

  • To ensure the harmonization of data protection methodology and tools within the Group
  • To implement and administrate the centralized Group Data Protection compliance IT platform :
    • To ensure the decentralization of documented controls and assessment at 1st line of defense level by each business lines and affiliates
    • To ensure the implementation of validation process, inter-relations between 1st line of defense /2nd line of defense and audit trails
  • To assess data protection risk through the review and performance of data protection impact assessment ("DPIA") for new processing and more exposed existing processes
  • To ensure the follow up of non-compliance and risk exposure reporting to Group Data Protection Officer for escalation to relevant Data Protection and Board committees
JOB RESPONSIBILITIES :
As the project manager of new IT platform implementation :
  • Parameterize and maintain a new centralized Group Data protection compliance IT platform
  • Drive the integration of Group Data Protection methodology and essential elements of GDPR ( such as data protection impact assessment, data protection by design/by default, record of processing activities, third party due diligence) into the new centralized Group Data protection compliance IT platform
  • Coordinate the integration of all the affiliates into the new IT platform
  • Be the contact point with the IT provider of the new platform

As the Risk manager expert :
  • Ensure the ongoing maintenance of the KBL Luxembourg register of data processing, assess their processing lawfulness and consent conditions
  • Monitor the performance of data protection impact assessment ("DPIA") , and data protection by design/by default application at earliest stage of any new project
  • Be the secretary of the Group Data Protection operational committees with all affiliate representatives and specialists
QUALIFICATIONS :

  • University degree in Information Technology, Information Security, Economics, Business Administration, Law

  • Experience in one or (preferably) several of the following areas: compliance, risk management, audit, business process, information security

  • Expertise in national and European data protection practices including an in-depth understanding of the GDPR
  • Familiar with risk control frameworks is preferred (e.g. such as CDPO, COBiT, ISO 27001, ITIL, and ISO 27005/31000)
SKILLS:

  • Ability to learn quickly and acquire expertise needed

  • Ability to parametrize a new IT tool and discuss with IT provider

  • Some experience in one or (preferably) several of the following areas: IT, compliance, risk management, audit, business process, information security

  • Knowledge of banking activities and services.

  • Strong communication skills, ability to bridge the gap between technical and business languages
LANGUAGES:
  • Fluent in French and English

 

To apply for this position, please send your CV and cover letter, in English, to: recruitment@kbl-bank.com