close

ICT Privacy & Security Officer

IT & Technology
Amersfoort
English

Description:

Are you the ICT Privacy & Security Officer who wants to work for a leading global FMCG company? Do you have vast experience on the Privacy & Security domain, and do you want to make sure all privacy compliancy risks for this organization are properly monitored and managed? Than this might be the job you have been looking for!

As ICT Privacy & Security Officer you will work closely with CISO, Enterprise Architects, Project Managers and the Global Privacy Manager. You will be responsible for monitoring and managing the privacy compliance risks for Corporate ICT. In addition to this, the role includes the responsibility for the processes that are related to data breaches and fraud investigations.

In this position, you will be responsible for:
1. ICT Privacy requirements and processes

  • Responsible for the translation of privacy requirements based on the company's Privacy Codes and local legislation into functional and technical ICT controls and security controls;
  • Monitoring the implementation of privacy and related security controls within the ICT department;
  • Ensuring the ICT solutions and services complies with the corporate privacy requirements and privacy legislation;
  • Embedding privacy requirements in ICT procedures and processes (e.g. data breach, test data management, security controls);
  • Reviewing the ICT security plans to ensure alignment between security and privacy practices;
  • Supporting contract and service level managers in privacy requirements and performance towards suppliers.

2. Privacy & Security Policy and Standards

  • Responsible for creating and maintaining privacy policies within ICT and ensuring alignment with the cyber security policy and standards;
  • Supporting in the translation of privacy requirements in practical controls in ICT solutions and services;
  • Periodically evaluating privacy and security policies & standards on privacy requirements.

3. Communication & Awareness

  • Acting as a "Corporate ICT functional knowledge base" for questions regarding privacy-related topics;
  • Actively sharing information on data protection that foster information privacy awareness within the organization;
  • Preparing and providing privacy education and training to all ICT employees in all countries.

4. Privacy Impact Assessment

  • Keeping existing Privacy Scans up to date and monitoring compliance of existing application with privacy legislation;
  • Keeping track of new ICT or Business initiatives and conducting privacy impact assessments (Privacy Scans and DPIAs) and monitoring progress of improvement actions;
  • Facilitating the follow up on PIA action plans towards Business and System Owners to ensure mitigation and remediating breaches of data subjects confidentiality in the ICT managed application area.

5. Security investigation

  • Coordinating and performing security investigations in case of data breach or fraud incidents.

6. Reporting

  • Report to Corporate ICT Senior Management and the Global Privacy Manager on the current privacy compliance status on a regular basis.

Your salary is based on the weighting of your job, your experience and your training. Not only will you receive a competitive salary but also training and education on the job because it's important for people to continue to grow.

Requirements:

The ICT Privacy & Security Officer we are looking for should have at least the following: * At least 7 years of combined IT, security and privacy work experience, with a broad exposure to different business environments; * Excellent knowledge in cyber security and privacy regulations, especially the EU privacy law (GDPR) and e-Privacy Directive; * Proven expertise in translation of privacy requirements into privacy & security and Corporate ICT controls; * Experience in a work environment of a multinational organization; * Fluent in English language (speaking and writing); * Certification on cyber security & privacy standards and methods. Next to that the following applies to you: * Action-oriented worker with no nonsense mentality; * Ability to easily build relationships in order to get things done; * Communicating clearly in business terminology; * Taking fact-based decisions under pressure; * Able to force progress in short periods of time; * Goal-oriented working under minimal supervision; * Able to create clear dashboards and to keep track of actions.