What this job can offer you
Delivering innovative and practical legal solutions for Remote’s products and services while mitigating risks. The team is comprised of generalists who handle initial legal support, supported by specialized sub-teams of Product, Employment, Sales & Commercial, Regulatory & Business Affairs, and Risk & Governance. The team is also supported by a growing Legal Operations function that provides operational support and drives continuous improvement through adoption of technology, data, process improvement and new ways of working.
The Data Protection Officer (DPO) shall assist the company (the “Company”) to meet its obligations under the European Union (EU) General Data Protection Regulation (GDPR) and Data Protection laws. The DPO will monitor compliance and data practices internally to ensure the business and its functions comply with the applicable requirements under the GDPR and data protection laws. The DPO will be responsible for staff training, data protection impact assessments and internal audits. The DPO will also serve as the primary contact for supervisory authorities and individuals whose data is processed by the organisation.
In this role, the DPO shall work closely with the Legal, Compliance and Information Security functions to develop and monitor policies and standards applicable to the business and in compliance with data protection laws.
What you bring
- Experience working in data protection compliance or a related field
- Experience with second line of defence functions, such as legal, compliance, risk or audit
- Excellent organisational, communication, and management skills
- Expertise in European data protection laws and practices including an in-depth understanding of GDPR and the management of personal, sensitive and confidential information
- Deep understanding of computer security systems and data security
- Independent thinker with a compliance mindset
- Writes and speaks fluent English
- It's not required to have experience working remotely, but considered a plus
Key Responsibilities
- Implementing measures and a privacy governance framework to manage data use in compliance with the law, including developing templates for data collection, assisting with data mapping, and vendor management reviews
- Working with key internal stakeholders in the review of projects and related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments
- Serving as the primary point of contact and liaison for the Lead Supervisory Authority and other EEA Data Protection Authorities on all data protection related matters under data protection laws
- Serving as the primary point of contact for queries in the business
- Overseeing vendor contracts and consents needed to implement projects in partnership with the firm’s Procurement and Information Security functions, and ensuring filing requirements with local regulators are achieved
- Managing and conducting ongoing reviews of the Company’s privacy governance framework
- Maintaining records of processing and documenting activities carried out by the Company
- Monitoring changes to local and international privacy laws and making recommendations to the business when appropriate
- Setting standards and reviewing policies and procedures globally that meet the requirements under data protection laws and any localisation requirements in countries of operation
- Developing and delivering privacy training to various business functions
- Developing strategies and initiatives to ensure engagement with key internal and external stakeholders
- Coordinating and conducting data privacy audits
- Collaborating with the Information Security function to raise employee awareness of data privacy and security issues, and providing training on the subject matter
- Collaborating with the Information Security function to maintain records of all data assets and exports, and maintaining a data security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications, and responding to subject access requests (SARs)
- Ensuring that the Company’s IT systems and procedures comply with all relevant data privacy and protection law, regulation and policy (including in relation to the retention and destruction of data)
- Working with in-house lawyers, where necessary, outside counsel to help advise on local data privacy law issues
- Promoting effective work practices and promoting a culture of privacy
- Being impartial and ethical, and reporting any failure to comply with GDPR or applicable data protection rules
Practicals
- You'll report to: General Counsel
- Direct reports: N/A
- Team: Legal - Privacy
- Location: EU and UK
- Start date: As soon as possible
Remote Compensation Philosophy
Remote's Total Rewards philosophy is to ensure fair, unbiased compensation and fair equity pay along with competitive benefits in all locations in which we operate. We do not agree to or encourage cheap-labor practices and therefore we ensure to pay above in-location rates. We hope to inspire other companies to support global talent-hiring and bring local wealth to developing countries.
At first glance our salary bands seem quite wide - here is some context. At Remote we have international operations and a globally distributed workforce. We use geo ranges to consider geographic pay differentials as part of our global compensation strategy to remain competitive in various markets while we hiring globally.
The base salary range for this full-time position is between $129,900 USD to $146,150 USD. Our salary ranges are determined by role, level and location, and our job titles may span more than one career level. The actual base pay for the successful candidate in this role is dependent upon many factors such as location, transferable or job-related skills, work experience, relevant training, business needs, and market demands. The base salary range may be subject to change.
Application process
Roughly 6 hours across 6 weeks
- Interview with recruiter
- Interview with one of the managing counsels
- Short take-home exercise
- Executive interview
- Prior employment verification check
#LI-DNP