Middle Compliance Specialist / Data Privacy

Описание

N-iX is a software development service company that helps businesses across the globe develop successful software products. Founded in 2002, N-iX has come a long way and increased its presence in nine countries - Poland, Romania, Ukraine, Bulgaria, Sweden, Malta, the UK, the US, and Colombia. Today, we are a strong community of 2,000+ professionals and a reliable partner for global industry leaders and Fortune 500 companies.

Currently N-iX is seeking an experienced and dedicated Compliance Specialist with a strong focus on Data Privacy. This mid-level role is crucial in ensuring our organization's adherence to global data protection laws and best practices. As Compliance Specialist you will be involved in continuous improvement, implementing, and monitoring our data privacy program, providing expert guidance across the business, proactively managing privacy risks, ensuring contractual compliance and business continuity planning.

Duties:

Privacy Program Management: oversee the ongoing development, implementation, and maintenance of the company's comprehensive data privacy programRegulatory Compliance: Ensure continuous compliance with applicable data protection laws and regulations, including but not limited to the General Data Protection Regulation (GDPR), and other relevant national and international privacy frameworksSupport client engagement activities in the information security, data protection, or compliance domain. Perform contracts review and ad-hoc questionnaires preparation.Policy & Procedure Development: review, and update internal data privacy policies, procedures, and guidelines to reflect legal requirements and best practicesPrivacy by Design/Default: Provide expert privacy advice and guidance to various business units throughout the lifecycle of processes, projects, systems, and services, promoting Privacy by Design and Default principlesData Protection Impact Assessments (DPIAs): Conduct and oversee Data Protection Impact Assessments (DPIAs) for new and significant changes to existing data processing activitiesData Subject Rights: Manage and respond to Data Subject Rights (DSR) requests (e.g., access, rectification, erasure, portability) in a timely and compliant mannerThird-Party Risk Management: Support the assessment of privacy risks associated with third-party vendors and data processors, including reviewing data processing agreements and Standard Contractual Clauses as neededIncident Response: Assist in data breach incident response planning and execution, including investigation, containment, and notification procedures as required by lawTraining & Awareness: Develop and deliver engaging data privacy training and awareness initiatives for the staff across the organizationMonitoring & Reporting: Monitor compliance with internal privacy policies and external regulations, prepare regular compliance reports for management, and identify areas for improvementInternal Audits: provide support for internal privacy audits and assessments to identify gaps and ensure adherence to privacy standards and controls, including potentially contributing to ISO 27701 (Privacy Information Management System) auditsRecord Keeping: Maintain accurate records of data processing activities (ROPA) and other relevant privacy documentation.

Qualifications:

3+ years of demonstrated experience in data privacy compliance, data protection, or a related legal/compliance role, preferably within a fast-paced or regulated industryIn-depth knowledge and practical application experience of GDPR is essential. Familiarity with other global privacy regulations is a strong advantageUnderstanding of information security principles and their intersection with data privacy (e.g., ISO 27001 and family, SOC2 Type II)Relevant professional certification(s) such as CIPP/E, CIPP/M, CIPM, CDPSE, or equivalent are highly desirable and are a strong advantageStrong analytical, problem-solving, and critical thinking skills with the ability to interpret complex legal and regulatory requirementsExcellent written and verbal communication skills, with the ability to articulate complex privacy concepts clearly to technical and non-technical audiencesProven ability to work independently, manage multiple priorities, and meet deadlines in a dynamic environmentHigh level of integrity, discretion, and ethical conductExcellent written and verbal communication skills in English

We offer*:

Flexible working format - remote, office-based or flexibleA competitive salary and good compensation packagePersonalized career growthProfessional development tools (mentorship program, tech talks and trainings, centers of excellence, and more)Active tech communities with regular knowledge sharingEducation reimbursementMemorable anniversary presentsCorporate events and team buildingsOther location-specific benefits

*not applicable for freelancers