COMPLIANCE & DATA PRIVACY EXPERT Setúbal

COMPLIANCE & DATA PRIVACY EXPERT
Setúbal
Setúbal, Setubal, Portugal

POSITION MISSION & MAIN ACTIVITIES

1. Compliance

• Design the Global Regulatory watch of the legislations under the local perimeter
• Guarantee the compliancy with local applicable regulations under surveillance
• Ensure and maintain the implementation of different processes assigned to compliance: Ethics, Anti-bribery, Sanctions, Conflicts of interest, Fraud and Criminal laws.
• Identify, Review and follow up the compliance risks (evaluate the impact on the operational risks model of the entity)
• Develop and adapt AXA Group Operations policies on Compliance subjects in accordance with local applicable laws.
• Provide support and Training under the local perimeter on compliance

2. Compliance Governance

• Develop compliance Change management processes to ensure clear and consistent controlled processes exist
• Integrate Risk Management Process into all Compliance and DP controls and processes
• Develop and Perform Assurance Plan Control Testing of 1st line to ensure Compliance with Ethics, Anti-bribery, Sanctions, Conflicts of interest, Fraud and Criminal laws.
• Adopting and implementing detailed requirements or guidelines to assure a compliant handling of specific matters as deemed necessary such as:
• IT Project Management when personal data is involved
• Third party management: risk assessment and contract management
• Sensitive Personal Data: Greater emphasis on whether and how to process this type of data
• Ensure governance, accountability and oversight of processes with a view to increase transparency and reduce the opportunity for fraud

3. Data Privacy management and governance

• Training and providing juridical consultative advice to all the areas and departments of the entity in question with regards to Data Privacy matters
• Supporting and controlling a general data protection register (both as Data Controller and Processor) containing all data processing in use and current information about purpose).
• Support to the different projects providing Data Privacy assessment and
  - off when satisfied on compliancy with local applicable laws
• Attendance at Data Privacy, Security or similar Committees Locally
• Coordination and management of responses to incidents involving Personal Data (e. g. Unauthorized access or disclosure)
• Permanent Control: Ensuring on a regular basis that data processing applications and processes are still compliant.

4. Control of Data Privacy Regulations

• Monitors both local and other relevant Data Privacy related regulations impacting the GO (GDPR + local regulations).
• Creates an environment that promotes compliance with Data Privacy related regulations.

5. Interface with corporate governance bodies

• Create a strong working relationship with the management of the compliance & governance function, guaranteeing the global needs of the organization.
• Create a collaborative working relation with the AXA Group Operations local governance bodies and the AXA Op
  Cos
• Coordination where necessary with the local Risk, Security, Legal, HR, Physical Security, IT Operations, Finance, and Internal Audit function on compliance (including DP) matters
• Keeping Senior and Business Management informed about their responsibilities regarding compliance & DP

1. Profile

• A previous Data Privacy / Compliance control experience (at least Master graduate or equivalent – Legal or IT Security)
• + 3 years of professional experience (preferably Including Control and Fraud framework)
• Ability to draft complex legal documentation in English
• Language skills:
• Required: English – high level (written, spoken, negotiation)
• Nice to have (not required but appreciated): German, French, Spanish, Italian

2. Skills & Competencies

A. Results Orientation

• Ability of tasks prioritization with a clear action plan defined
• Develop an internal sense of urgency to complete tasks
• Holds self and others accountable for delivering
  - quality results on time and within budget
• Challenge of ineffective work processes and promote constructive alternatives
• Use of the appropriate criteria to regularly evaluate work processes, services and deliverables
• Solicits and/or provides information that could affect the planning, programs and
  - making for the organization

B. Change Leadership / Collaboration and Influencing

• Ability to build strong working relationships across a broad and varied mix of people and skills in IT and across business organizations
• Ability to win the trust of internal customers and other parts of the organization while challenging and fostering change

C. Team Spirit

• Positive mindset
• Excellent communication skills at all levels
• A collaborative work style and
  - building mindset
• Intercultural sensitivity
• Flexibility