• Developing relationships with key stakeholders across the business to understand current and planned data processing activities
• Developing internal processes and policies to mitigate key privacy risks
• Managing privacy risk assessments and remediation plans
• Managing a record of all personal data processing activities across the business
• Managing the data subject rights request process
• Supporting the integration of privacy standards, controls and policies into standard business processes
• Developing and managing a comprehensive GDPR training program and promoting privacy awareness throughout the business to keep privacy on the business agenda
• Leading internal privacy councils to present key privacy metrics and risks to senior leadership and highlighting key privacy risks to the DPO
• Advising organizations on Data Protection best practices and leading data protection advisory engagements including delivering policies/procedures, training/awareness, records of processing/lifecycles, and control re-design to clients.
• Supporting clients across end-to-end data retention projects.

Skills: Stakeholder Engagement, Privacy Risk Management, Data Protection Compliance, Data Subject Rights Management, Training and Awareness Programs, Internal Privacy Governance, Advisory Engagements, Data Retention Project Management

• Lead and develop data privacy compliance in Energy Business with a value-adding approach
• Proactively develop Wärtsilä Group data protection processes in close collaboration with the Group Data Protection Team
• Develop and implement an Energy Data Privacy Awareness plan and run regular awareness activities for Energy, including the Energy Legal team in line with Wärtsilä Group level data protection requirements.
• Scope data protection requirements for Energy and identify any gaps.
• Establish and roll out procedures, guidelines and best practices in Energy.
• Support Energy in monitoring, controlling and reporting data protection matters.
• Identify and assess Energy products and services that collect and handle personal data.
• Act as a subject matter expert, coach and go-to advisor on matters involving personal data and data privacy topics.
• Support the DPO in driving, shaping and further developing the data privacy culture for TSB.
• Support the DPO in ensuring customer and colleague data is collected and used in accordance with regulatory requirements, including in relation to external data sharing and its use by third-party suppliers.

Skills: Data Privacy Leadership, Process Development, Awareness Program Implementation, Gap Analysis, Procedure Establishment, Monitoring and Reporting, Subject Matter Expertise, Regulatory Compliance Support

• Implement and maintain an Article 30 register for personal data processed within Epiroc globally and tool for handling owned by the Data Privacy Governance Board
• Provide advice and guidance to all group companies in respect of completion of records of processing and data protection impact assessments and ascertain that appropriate documentation is put in place for all processing of personal data within Epiroc
• Provide advice and guidance to all group companies in assessing third countries to which personal data shall be transferred and identifying appropriate supplementary measures where needed
• Provide advice and guidance to all group companies in respect of putting appropriate data processing agreements in place with data processors processing personal data on Epiroc's behalf
• Put a process in place for the handling of data breaches and keep a repository enabling demonstrating compliance and act as an escalation point for handling of data breaches
• Put a process in place for the handling of data subject requests, handle them and keep a repository enabling demonstrating compliance
• Ascertain that the privacy statement and cookie handling is up to date
• Advise the University with respect of mandatory training for all employees and for selected categories of employees
• Handle collection of signatures by all group entities of the Epiroc Intercompany Data Processing Agreement and put a process in place to onboard any new group entities
• Track and report key performance indicators to the Data Privacy Board on a regular basis in relation to Group Data Privacy Policies, procedures, processes and initiatives to ensure compliance

Skills: Article 30 Register Management, Compliance Guidance, Third Country Assessment, Data Processing Agreements, Data Breach Handling, Data Subject Requests Management, Privacy Statement Maintenance, Training and Onboarding

• Take part in other data-related matters, including the implementation of the Data Quality Management framework.
• Monitor emerging requirements on technical and organizational security and propose changes
• Keep abreast of evolving privacy and data protection regulations, laws, and policies
• Advising on Third Party management.
• Support and completion of DPIAs across multi-disciplinary clients and client systems.
• Conduct health checks and participate in audits to ensure privacy and data protection compliance and proactively address potential privacy and data protection issues
• Advising and supporting clients in Privacy by Design efforts.
• Build a network with privacy coordinators based the Epiroc legal entities to drive compliance throughout the Epiroc Group.
• Monitoring the Bank's overall compliance with the regulation including the performance of audits, data protection impact assessments and reporting to the board
• Providing advice and guidance on aspects of the regulation

Skills: Data Quality Management, Regulatory Compliance Monitoring, Regulatory Awareness, Third Party Management, Data Protection Impact Assessments (DPIAs), Compliance Audits, Privacy by Design, Compliance Networking

• Client-specific support on the negotiation of existing and new contracts with EU-based customers.
• Work closely with delivery teams of the EU and ensure client requirements are met.
• Ensure consultants provide adequate and effective support.
• Ensure successful deployment of critical deliverables related to bolstering the privacy program.
• Continuous monitoring of Data Protection materials viz. policies, manuals, and procedures and ensure ongoing compliance with privacy laws and regulations.
• Manage data subjects and internal complaints concerning the organization’s privacy policies and procedures in Europe.
• Support the HCL Privacy Incident and Data Breach Management program in partnership with the Cyber Security Incident Response Team.
• Assist EMEA Privacy Officer to ensure effective liaison with DPAs on matters related to inter alia registration and notifications, manage data protection breaches notification
• Implementing the Data Privacy Framework and setting up the governance organization
• Implementing the Data Governance Framework for the bank's personal data

Skills: Contract Negotiation, Client Relationship Management, Privacy Program Deployment, Regulatory Compliance, Complaint Management, Incident Management, Stakeholder Liaison, Data Governance Framework Implementation

• Experience working with data, data maintenance, associated elements/processes, involved systems and interdependent data
• Experience creating/driving data privacy strategy
• Experience working with GDPR, CCPA, CPRA, and other applicable state and federal privacy regulations
• Knowledge of Data Governance and Privacy Tools a plus
• Experience working with Consumer data and privacy requirements
• Knowledge of legal risk and remediation efforts in data compliance
• Knowledge of CIPP, CIPT, or other security-related certifications
• Ability to partner with the legal, business and technical subject matter experts to ensure standardization of operational information and execution of enterprise-wide data governance and privacy policies and procedures are defined and implemented
• Strong knowledge and understanding of regulations for acquiring, storing, and using data in Europe
• Ability to understand and measure legal ramifications of data compliance gaps
• Strong Communication Skills/Able to Persuade/Influence Others at all Organization Levels and the ability to foster lasting partnerships
• Ability to translate business requirements into critical data dependencies and requirements

Qualifications: BA in Information Technology with 7 years of Experience

• Ability to think beyond the current state (processes, roles and tools) and work towards an unconstrained, optimized design
• Ability to solicit followership from the functional teams to think beyond the ‘way the things work today’
• Able to align various stakeholders to a common set of standards and the ability to sell the benefits of the EDG program
• Knowledge of fostering lasting relationships across varying organizational levels and business segments with the maturity to interface with all levels of management
• Self-starter who welcomes responsibility, along with the ability to thrive in an evolving organization and an ability to bring structure to unstructured situations
• Ability to arbitrate on difficult decisions and drive consensus through a diplomatic approach
• Excellent written & verbal communication skills
• Good knowledge of frameworks like ISO 270xx, NIST, and ITIL.
• Good knowledge of information security, classification, handling
• Experience in managing other security, data or risk regulatory frameworks with a strong security focus would be an advantage e.g. PCI DSS
• Knowledge of data security-related topics in, e.g., applications, databases, OS, hypervisors, networks, IAM technologies and services, and IT service management are a plus
• Ability to cooperate with the head of department and assist in developing new ideas & solutions

Qualifications: BS in Cybersecurity with 6 years of Experience

• Strong communication and problem-solving skills
• Experience leading project teams and coaching junior staff
• Proven ability to engage with stakeholders effectively at all levels of the organization
• Experience in helping organizations to assess privacy and data protection capabilities across the lifecycle, determine strategic priorities, required investment and change impacts
• Experience working in data protection and/ or privacy-enabling technologies is desirable
• An interest in working across multiple sectors including financial services, technology and media, energy and resources and the public sector
• Progress towards or completion of certifications e.g. CISSP, CISM, CIPM, CIPP/E, CIPT.
• Experience in financial management, knowledge management, program/project management, and quality management.
• Experience in implementing both custom and packaged software solutions
• Experience in implementing medium- and large-scale cross-functional solutions with both business and technical focus.
• Excellent organizational, presentation, analytical, written, and verbal communication skills.
• Strong ability to manage client expectations in the areas of scope, schedule, budget, and satisfaction.
• Ability to foresee risks, recommend mitigation approaches and identify issues while managing effective outcomes.

Qualifications: BA in Computer Science with 5 years of Experience

• Knowledge of information technology systems, infrastructure and operations
• Excellent communication skills including the ability to express facts and ideas clearly and concisely, both orally and in writing
• Analytical ability to define problems, collect data, establish facts, and draw valid conclusions
• Ability to relate well with others, build relationships and constructively interact with a variety of people and situations
• Ability to use Microsoft Office applications software
• Ability to use appropriate analysis, judgment and logic when solving problems and making decisions
• Proficient in information technology, cybersecurity, and related privacy issues
• Experience with privacy by design concepts and working with business partners to integrate compliance into projects
• Excellent organization and prioritization skills
• Strong focus on providing quality service to internal and external customers
• Experience in contributing to the cybersecurity data privacy development and principles in system context with many different contributors
• Expert knowledge of EU/GDPR

Qualifications: BS in Data Science with 4 years of Experience

• Experience with GDPR, CCPA and other privacy regulations.
• Experience in delivering complex projects, aligning technology, business and legal requirements.
• Experience working with data catalog/metadata management tools.
• Experience with data Privacy Certification (e.g. CIPP, CIPM, or CIPT).
• Strong communication and people management skills with the ability to build relationships and influence key stakeholders.
• Ability to think creatively and accommodate tight deadlines and business objectives.
• Strong sense of urgency and problem-solving ability.
• Ability to support and document the evolution of ‘as is’ processes to ‘to be’ processes that will be necessary on a new platform.
• Ability to organize and prioritize work.
• Ability to effectively communicate verbally and in writing.
• Knowledge of Microsoft Office software (Outlook, Word, Excel, PowerPoint, Access, etc.).

Qualifications: BA in Business Administration with 5 years of Experience