Data Protection Compliance Specialist (2 years contract) @ING Hubs Romania

The Mission

You will work within the vertical Group Data Protection Compliance, a department within Compliance that is in place starting March 2023. Data Protection Compliance is an important risk area with growing interest from both internal and external stakeholders.

As a Global Data Protection Compliance Specialist, you are (or can become) an expert on the area of Data Protection Risk Management, as this is a key compliance risk that the bank needs to manage. You have freedom to organize your work according to your own expertise and insights within team setting.

You will be member of the Global Data Protection Risk Management team that is responsible for global oversight of the Global Data Protection Policy (GDPR) and Global Record Retention and Deletion Policy (GRRD) risk and owns risk management direction for the organization to operate within risk appetite.

Although this is a virtual team, occasional travelling to Amsterdam is part of the function.

The Global Data Protection Compliance Risk Management team forms with the Data Protection Compliance Policy & Advisory team the vertical Data Protection Compliance.

Your day to day

• You execute activities for one of more specific processes, business areas and/or projects of the compliance risk management cycle for data protection risk (e.g: CRAS; RAC);
• Depending on your ambition and expertise you will be focusing on the data protection risk management framework, monitoring, and reporting or bank-wide risks, global processing risks and emerging risks.
• The topics can be related to: (i) involvement in analyzing, reviewing, or challenging the consolidated data of Operational Compliance Dashboard, Compliance Cockpit data for establishing exposure for Data Protection Compliance Risk, (ii) offering support and input for NFRD/CRU reporting (Compliance Risk Update), (iii) monitor data quality on Data Protection Compliance related risks, issues and events in iRisk; (iv) be a point of contact for ING locations, executing roles and responsibilities part of the Functional Oversight mandate; (v) as well as contribution to design and execution of monitoring methods and activities for data protection risks and specific risk analysis on data protection risks. Other topics can be related to challenge and advise activities on bank wide risks, such as storage limitation, third party data processors and cookie compliance but also formulating 2nd line responses on new and emerging risks.
• You can be part of a task group or project team and contribute to the execution of deliverables;
• You will report on the above tasks and projects;
• You contribute to quality of and knowledge on Data Protection Compliance risk management, monitoring and reporting;
• You participate in (multi) disciplinary (project) compliance risk teams and contribute to ensure alignment with NFR, IT risk and data risk.

What you’ll bring to the team

• You have in depth knowledge on GDPR and data protection risk and issues;
• You have 3+ years professional experience in audit, compliance or risk management;
• You have excellent collaboration skills and ability to work across functional and geographic lines;
• You have a university degree or equivalent;
• You have an excellent level of English (verbal/written).

If you want to deep dive into the processing of personal data conducted by ING Hubs Romania during the recruitment process and your rights related to it, read the privacy notices on our website (make sure to scroll until you reach the Data Protection section/ Candidates tab). 

has context menu