Data Protection Compliance Specialist (DPO) @ING Hubs Romania

ING Hubs Romania offers 130 services in software development, data management, non-financial risk & compliance, audit, and retail operations to 24 ING units worldwide, with the help of 𝐨𝐯𝐞𝐫 𝟐𝟎𝟎𝟎 𝐡𝐢𝐠𝐡-𝐩𝐞𝐫𝐟𝐨𝐫𝐦𝐢𝐧𝐠 𝐞𝐧𝐠𝐢𝐧𝐞𝐞𝐫𝐬, 𝐫𝐢𝐬𝐤, 𝐚𝐧𝐝 𝐨𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐬 𝐩𝐫𝐨𝐟𝐞𝐬𝐬𝐢𝐨𝐧𝐚𝐥𝐬.

We started out in 2015 as ING’s software development hub, then steadily expanded our range to include more services and competencies. Now we provide borderless services with bank-wide capabilities and 𝐨𝐩𝐞𝐫𝐚𝐭𝐞 𝐟𝐫𝐨𝐦 𝐭𝐰𝐨 𝐥𝐨𝐜𝐚𝐭𝐢𝐨𝐧𝐬: 𝐁𝐮𝐜𝐡𝐚𝐫𝐞𝐬𝐭 𝐚𝐧𝐝 𝐂𝐥𝐮𝐣-𝐍𝐚𝐩𝐨𝐜𝐚.

𝐎𝐮𝐫 𝐭𝐞𝐜𝐡 𝐜𝐚𝐩𝐚𝐛𝐢𝐥𝐢𝐭𝐢𝐞𝐬 𝐫𝐞𝐦𝐚𝐢𝐧 𝐭𝐡𝐞 𝐜𝐨𝐫𝐞 𝐨𝐟 𝐨𝐮𝐫 𝐛𝐮𝐬𝐢𝐧𝐞𝐬𝐬, with more than 1800 colleagues active in Data Management, Touchpoint Channels & Integration, Core Banking, and Global Products.

We enjoy a flexible way of working and a highly collaborative environment, where fair and constructive feedback is encouraged.

For us, impact isn't a perk. It's the driver of our work. We are guided and rewarded by a shared desire to make the world a better place, one innovative solution at a time. Our colleagues make it their job to do impactful things and they love doing it in good company. Do you?

The Mission

The Data Protection Compliance Specialist (Data Protection Officer) is a 2nd line of defense (2LoD) independent role and ensures that personal data is managed in a professional, lawful and ethical manner in ING Hubs Romania.

You will provide expert advice and oversight within the organization, on, but not limited to Personal Data Protection related external/ internal events, risk identification & assessment, risk mitigation & tracking, and risk reporting.

You will serve as the primary contact for Data Protection supervisory authorities.

Your day-to-day

• Provide expert advice and consultancy to ING Hubs Romania’s management team and employees on the applicable obligations related to processing of personal data, as per the applicable laws and GPDP requirements;
• Provide support, review and challenge in developing and maintaining local set of personal data related procedures and review of other procedures which contain personal data protection topic, to ensure implementation of the applicable requirements at the level of ING Hubs Romania;
• Provide juridical/ legal support, review and challenge for assessing risks and incidents (such as data breaches);
• Ensure support when access rights are exercised by various individuals in relation to ING Hubs Romania;
• Ensure support and input to 1st line of defence representatives when performing data protection impact analysis and balancing tests and monitors the implementation of the agreed actions;
• Provide support and input for the local/ internal training and awareness initiatives;
• Participate in the periodical testing activities of key controls and prepare the appropriate documentation, when and if applicable;
• Cooperate with the Data Protection Authority, when applicable, being the dedicated point of contact;
• Support the identification of the impact of and the coordination of responses to law and regulatory changes, internal & external audit reports, etc. and monitoring the follow-up on the regulatory issue solving;
• Perform and assist in other information risk activities where the requirements arise;
• Steer on consistency in approach of interpretation of GDPR and ING internal Data Protection Policies as well as specific local regulation and provide risk management direction for the organization to transition within risk appetite where relevant and/or applicable;
• Contribute to the Data Protection Compliance Community. Maintain insight on Data Protection issues and developments in the Data Protection Compliance community via periodic calls and reports.

What we are looking for

• Bachelor’s degree, preferably in Legal field;
• 3-5 years’ experience in Personal Data Protection area;
• Exposure to & understanding technical & business-related threats facing banking industry;
• Fluent in English (written and spoken).

Would be considered a plus

• Having professional education and training in Data Privacy, such as CIPP, CIPM.

If you want to deep dive into the processing of personal data conducted by ING Hubs Romania during the recruitment process and your rights related to it, read the privacy notices on our website (make sure to scroll until you reach the Data Protection section/ Candidates tab). 

has context menu