Location: Tallinn, Estonia
Type: Permanent, full-time
What you'll be doing
You will ensure the implementation and compliance with the General Data Protection Regulation (GDPR) and all applicable data protection requirements (group and local-based) into Bigbank processes and activities, including technological developments.
Why is this important to Bigbank?
Data protection is one of the key elements in digital banking. Expert level governance is very much needed today and even more in the future when new regulations will come into effect at EU level.
How you'll spend your day
Monitoring compliance with GDPR, in particular collecting the information to identify data processing activities, analysing and checking the compliance of data processing activities and sharing the recommendation to the respective parties regarding obligations from GDPR
Sharing analyses and know-how regarding data protection impact assessments (DPIA)
Carrying out DPIA when necessary and in a proper manner
Ensuring Bigbank complies with local data protection requirements and all required data processing and protection internal regulations are in place
Complying all required internal regulations with external requirements, including applicable local external regulations in Bigbank, especially GDPR
Updating all data processing related internal regulations
Informing and advising the executive management regarding existing data processing security threats/exposures and recommending courses of action
Developing and maintaining the information of data processing security procedures, guidelines and standards through cooperation with IT security
Supporting the implementation of data processing security policies on behalf of the executive management
Ensuring the compliance with the data processing security policy, procedures and guidelines.
Responding to alleged violations of rules, regulations, policies, procedures regarding data processing
Ensuring that the injunctions made by supervisory authorities are applied, established violations eliminated timely and managed professionally
Providing needed/asked reports on a regular basis
Being the first contact person for publication and communication regarding data processing in Bigbank according to GDPR
Being the first contact person for supervisory authorities regarding data protection matters and the implementation of GDPR.
Things you’re already doing:
You have at least 3 years of proven experience with working as a legal counsel in a law office, audit, investment or insurance firm, preferably in departments involved with data processing related matters and activities.
Preferably, you have working experience in matters related to IT developments from data security perspective.
You can measure, report, and communicate complex security decisions, situations, and impacts.
Preferably, you have working experience in international team, together with the ability to stay efficient in multilingual and multicultural working environment.
You can work and effectively prioritise in a highly dynamic work environment.
You have a demonstrated ability to deliver security solutions that meet organisational needs.
You have an internal training and counselling experience in matters of data processing and protection.
You have a Master’s degree, preferably in law, business controlling, or audit.
You're an expert in Estonian and European data protection regulations and have an in-depth understanding of GDPR.
You have a high expert knowledge of data protection requirements and practises and the ability to fulfil the tasks arising from GDPR.
You are familiar with security and regulatory compliance (FSA and EU regulations, ISO/IEC/IEE, COBIT; ISACA, etc.).
Preferably, you have good knowledge of finance sector or alternatively other related external regulatory requirements.
Your communication, presentation and influencing skills are excellent.
You are able to act in an independent and autonomy manner and create support/buy-in across a wide range of stakeholders.
You are able to manage many projects simultaneously at high quality level.
You are advanced in Estonian and English, both oral and written.
You are ready to improve and increase your professional skills according to the need (both external and internal).
Things we're working on
As a bank, we first started the transformation from old school offices-based banking to purely digital banking. Next we dove into the digital journeys of our customers and figured out what they need for excellent experience. Now, we are building a new banking platform made up of microservices. Data protection is one of the key areas to succeed in all of it.
Tools you'll be working with
Webdesktop, Confluence, MS Office
You'll be rewarded like this
Competitive salary (reviewed yearly based on your performance)
Good conditions for professional and personal development
Good governance-focused international banking environment
International team events
Monthly sports benefit + free participation at 2 national sport events
Additionally 2 paid important personal life occasion days
3 paid ‘stay at home and get well’ days
You have a dedicated contact person always ready to answer all your questions. Just write to Ksenija Liss, the Chief Compliance Officer.
Fill in the form below or send us an email firstname.lastname@example.org