What you'll be doing

You will ensure the implementation and compliance with the General Data Protection Regulation (GDPR) and all applicable data protection requirements (group and local-based) into Bigbank processes and activities, including technological developments.

Why is this important to Bigbank?

Data protection is one of the key elements in digital banking. Expert level governance is very much needed today and even more in the future when new regulations will come into effect at EU level.

How you'll spend your day

  • Monitoring compliance with GDPR, in particular collecting the information to identify data processing activities, analysing and checking the compliance of data processing activities and sharing the recommendation to the respective parties regarding obligations from GDPR

  • Sharing analyses and know-how regarding data protection impact assessments (DPIA)

  • Carrying out DPIA when necessary and in a proper manner

  • Ensuring Bigbank complies with local data protection requirements and all required data processing and protection internal regulations are in place

  • Complying all required internal regulations with external requirements, including applicable local external regulations in Bigbank, especially GDPR

  • Updating all data processing related internal regulations

  • Informing and advising the executive management regarding existing data processing security threats/exposures and recommending courses of action

  • Developing and maintaining the information of data processing security procedures, guidelines and standards through cooperation with IT security

  • Supporting the implementation of data processing security policies on behalf of the executive management

  • Ensuring the compliance with the data processing security policy, procedures and guidelines.

  • Responding to alleged violations of rules, regulations, policies, procedures regarding data processing

  • Ensuring that the injunctions made by supervisory authorities are applied, established violations eliminated timely and managed professionally

  • Providing needed/asked reports on a regular basis

  • Being the first contact person for publication and communication regarding data processing in Bigbank according to GDPR

  • Being the first contact person for supervisory authorities regarding data protection matters and the implementation of GDPR.

Things you’re already doing:

  • You have at least 3 years of proven experience with working as a legal counsel in a law office, audit, investment or insurance firm, preferably in departments involved with data processing related matters and activities.

  • Preferably, you have working experience in matters related to IT developments from data security perspective.

  • You can measure, report, and communicate complex security decisions, situations, and impacts.

  • Preferably, you have working experience in international team, together with the ability to stay efficient in multilingual and multicultural working environment.

  • You can work and effectively prioritise in a highly dynamic work environment.

  • You have a demonstrated ability to deliver security solutions that meet organisational needs.

  • You have an internal training and counselling experience in matters of data processing and protection.

  • You have a Master’s degree, preferably in law, business controlling, or audit.

  • You're an expert in Estonian and European data protection regulations and have an in-depth understanding of GDPR.

  • You have a high expert knowledge of data protection requirements and practises and the ability to fulfil the tasks arising from GDPR.

  • You are familiar with security and regulatory compliance (FSA and EU regulations, ISO/IEC/IEE, COBIT; ISACA, etc.).

  • Preferably, you have good knowledge of finance sector or alternatively other related external regulatory requirements.

  • Your communication, presentation and influencing skills are excellent.

  • You are able to act in an independent and autonomy manner and create support/buy-in across a wide range of stakeholders.

  • You are able to manage many projects simultaneously at high quality level.

  • You are advanced in Estonian and English, both oral and written.

  • You are ready to improve and increase your professional skills according to the need (both external and internal).

Things we're working on

As a bank, we first started the transformation from old school offices-based banking to purely digital banking. Next we dove into the digital journeys of our customers and figured out what they need for excellent experience. Now, we are building a new banking platform made up of microservices. Data protection is one of the key areas to succeed in all of it.

Tools you'll be working with

Webdesktop, Confluence, MS Office

You'll be rewarded like this

  • Competitive salary (reviewed yearly based on your performance)

  • Competent and youthful people to collaborate with – check out @lifeatbigbank and #bigbankwow at Instagram

  • Good conditions for professional and personal development

  • Good governance-focused international banking environment

  • International team events

  • Monthly sports benefit + free participation at 2 national sport events

  • Additionally 2 paid important personal life occasion days

  • 3 paid ‘stay at home and get well’ days


You have a dedicated contact person always ready to answer all your questions. Just write to Estel Pukk, the Group Head of WOW Support Services area.


Fill in the form below or send us an email jobs@bigbank.eu

Are you a good fit?


Enter your first and last name.


Enter your email address or phone number with the country code.


Enter a link to your CV or LinkedIn profile or portfolio page. If you don’t have any online, drop them to jobs@bigbank.eu


We are curious people here.