About the team/job
This position is located in the Data Protection Office (DPO) of the European Molecular Biology Laboratory in Heidelberg, Germany.
Under the supervision of EMBL’s DPO, the Data Protection Advisor will provide strategic, technical, and operational support as part of the DP Office and will play a central role in the successful shaping and implementation of a comprehensive DP Strategy throughout the organisation. As Data Protection Advisor, you will either support or lead multiple projects, or; you will be expected to continue transforming already existing framework into action, managing the day-to-day operations by supporting staff, internal stakeholders and external partners.
- Providing support in developing, implementing and operationalising Privacy policies, procedures and tools to maximize efficiency and comprehensive roll out of the data protection strategy across EMBL’s departments and units.
- Review existing policies, guidelines and toolkits to adapt them to EMBL’s current data protection strategy and operational needs.
- Draft SOPs/ guidelines/guidance as well as conduct legal research and documentation activities.
- Provide consistent advice to all EMBL units on a variety of issues in the context of Data Protection, identifying needs and priorities arising out of the interpretation or application of principles of EMBL’s Internal Policy on data protection N°68, policies, guidelines, relevant international standards, and best practices on Data Protection.
- Collaborate with cross-functional internal and external points of contact to effectively roll out the Data Protection Strategy, ensure regulatory compliance and mitigate organisational risks.
- Implement the different elements of EMBL’s Data Protection Strategy (e.g. privacy notices, DPIAs, register of processing activities, training and awareness campaigns and data breach response mechanisms).
- Adapt and adjust systems, tools, processes and templates.
- Document, track and report relevant program metrics and milestones on the implementation of the Data Protection Strategy.
- Prepare reports, talking points and correspondence on data protection issues as required.
- Conduct training and awareness activities as required.
- Advanced university degree in relevant discipline (including but not limited to law, computer science, information technology) or related field with relevant work experience.
- LLM or Master of Law on data protection, privacy, computer and communications law, compliance, international, digital or media law is desired.
- Certifications such as CIPP/E/U and CIPM, CIPT is desired.
- Knowledge of international security management systems industry standards (ISO 27001, ISO 27701, NIST…) is desired.
- Ideally at least 3 years of responsible professional experience in Data protection, Privacy and Information Security, in a law/ consultancy firm and/or large public/private sector organization on Data Protection.
- Proven experience in building and implementing global Privacy and Data Protection compliance programs, operations and/or risk management programs in large corporations.
- Experience in conducting DPIAs, maintaining records of processing activities, of incident response management, drafting contracts, SOPs, policies and guidelines.
- Experience in operational risk management.
- Experience working in a global, large-scale, complex, and fast-paced environments.
- Experience working autonomously with minimal supervision and as part of a team, well as to cooperate within a team.
Knowledge and Skills:
- In depth knowledge of Data protection, Privacy and Information Security regulations, international security standards and specific key legal issues;
- Solid understanding of information technologies and their impact in the protection of personal data (e.g. privacy by design and by default);
- Ability to identify Data Protection related risks and gaps based on local legal environment, developments and projects;
- Strong analytical interpersonal, communications and presentational skills;
- Demonstrated negotiating, cultural sensitivity and diplomatic skills;
- Demonstrated problem solving skills; client focus and results oriented;
- Effectiveness orientation and pro-activity;
- Strong sense of responsibility, confidentiality and accountability.
- Fluency (level C) in English.
- Intermediate knowledge (level B) of French or German.
You might also have
- Previous work experience gained in international and/or life sciences environment is advantageous.
Why join us
EMBL is an inclusive, equal opportunity employer offering attractive conditions and benefits appropriate to an international research organisation with a very collegial and family friendly working environment. The remuneration package comprises a competitive salary, a comprehensive pension scheme, medical, educational and other social benefits, as well as financial support for relocation and installation, including your family and the availability of an excellent child care facility on campus.
What else you need to know
We are Europe’s flagship research laboratory for the life sciences – an intergovernmental organisation performing scientific research in disciplines including molecular biology, physics, chemistry and computer science. We are an international, innovative and interdisciplinary laboratory with more than 1700 employees from many nations, operating across six sites, in Heidelberg (HQ), Barcelona, Hinxton near Cambridge, Hamburg, Grenoble and Rome.
Please note that appointments on fixed term contracts can be renewed up to 9 years in total, depending on circumstances at the time of the review.