Discover ING Tech :
ING Tech Romania is ING’s global hub for technology established in 2015. Focused on building strategic key capabilities, the hub provides approximately 121 services for 24 ING units globally.
These services are grouped in the following main categories : software development; data management; non-financial risk & compliance and audit.
Now, in 2021, our fast-growing organization gathers more than 1000 high-performing engineers and non-financial risk & compliance specialists that work together in global tribes.
The Mission :
As a Data Protection Officer (DPO) you are responsible to ensure compliance with data protection obligation pursuant to EU Regulation 679 / 2016 (the GDPR ), with other legislations on personal data and support ING Tech Romania in global projects with impact on personal data.
You will contribute to promoting a data protection culture within the company, by providing advice and support on privacy issues to business teams.
Your Day-to-Day :
Inform and advise the organization and the employees who carry out processing of their obligations pursuant to data protection legal provisions.
Support the organization to create and maintain a framework for the development, implementation and updating of data protection policies and procedures to support and monitor the implementation and embedding of data protection legal rules within IBSS Romania.
Provide advice on all data protection risks or incidents, compliance issues or questions in IBSS Romania when requested.
Provide advice as regards the data protection impact assessment (DPIA) (and balancing tests, where applicable) and monitor its performance pursuant to legal and internal requirements where requested.
Provide advice on requests and complaints related to personal data received from the data subjects, authorities or other entities.
Provide support in creating awareness on privacy matters and trainings for staff by creating and supplying training materials, guides and other awareness related materials, by direct involvement in training initiatives, including preparing the annual training plan.
Can, in accordance with the applicable local and global data protection procedures and policies, perform analysis and access information under the ownership of Business Owners as well as that of the first line data protection function and other departments in charge with the implementation of GDPR requirements in order to provide input from a second line of defense perspective so as to adequately identify data protection related risks, in order to ensure the monitoring of compliance with the data protection requirements provided by law and ING internal policies in relation to the protection of personal data.
While fulfilling its tasks, the DPO shall have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing.
What you bring to the team
A legal academic background, with a approx. 5 years of experience in the legal field, preferably in a similar business environment (banking / IT) and connected to the data protection area
Expert knowledge of the national and European data protection laws and practices, knowledge of the business sector, understand the processing operations, technologies and data security
Computer proficiency : MSOffice, e-mail, internet
Very good organizing skills, team player with strong communication, negotiation and analytical skills, not easy to overrule, problem solving oriented, logical and open-minded, ability to work independently and to react fast and trustworthy in case of a data breach incident.