BNP Paribas is a leading European bank with an international reach. It has a presence in 74 countries, with more than 192,000 employees – including more than 146,000 in Europe and over 4,000 in Portugal alone.
BNP Paribas is present in Portugal since 1985, having been the first foreign bank to operate in the country. Today, BNP Paribas has several entities operating directly in this territory, offering a wide range of integrated financial solutions to support its clients and their businesses.
Worldwide, the Group has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. The Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporate and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance.
The Data Privacy and Protection department is part of the Group Risk Functions within BNP Paribas. It is a part of the 2nd line of defence under the Bank’s Data Privacy Officer (DPO) who in turn reports to the Group Chief Risk Officer (CRO). The department has responsibility for Group-wide approach of key data privacy and protection topics and for coordination of activities for DPOs at Group level.
ROLE AND RESPONSIBILITIES
The Data Protection Coordinator will assist with the implementation, management and monitoring of the data privacy and protection strategy and the creation and roll-out of policies, guidelines, and data protection awareness training.
Moreover, will identify and manage risks related to data privacy and protection, and escalate risks and issues to executives, as needed.
In sum, will coordinate and oversight of activities in relation to the following:
Review controls implemented by the business (1st LoD) to inform, advise and issue recommendations to the business with regards to data protection compliance; whilst acting independently of the Bank (i.e. 2LoD)
Foster a data protection culture within the organization and help to implement essential elements of the data protection, such as the principles of data processing, data subjects’ rights, data protection by design and by default, records of processing activities, security of processing, and notification and communication of data breaches
Advise controllers / processors regarding
Maintain the record of processing operations under the responsibility of the controller as one of the tools enabling compliance monitoring, informing and advising the controller or the processor
Ensure continuous training to maintain data protection awareness and feedback, and also include protection as part of the firms L&D agenda
Document all decisions taken consistent with and opposing DPO’s advice
Manage communication and act as point of contact for both data subjects (e.g. customers) and the regulatory authorities
Offer consultation once a data breach or other incident has occurred; and must be involved in relevant issues in a timely manner and report directly to highest management level
Previous experience and expertise in national and EU data privacy laws (GDPR), regulations and practices
Experience and understanding of data processing operations, including business applications and data use
Experience promoting a data privacy culture of awareness and understanding (preferably within a Bank)
Experience of developing and assessing privacy policies and controls that minimize risk and ensure compliance
An understanding of information security controls and principles that ensure confidentiality, integrity, availability of sensitive information, and experiencing of implementing Privacy by Design and Data Flow Mapping
Experience of responding to potential privacy incidents, to mitigate risk, determine reporting requirements, and developing corrective action plans when needed
Demonstrated leadership and problem-solving skills, and ability to work under pressure
Experience of communicating effectively with the highest levels of management and decision-making individuals within the organization
Fluent in English (mandatory) and French (desirable)
Please note that only applications submitted in English will be considered.
BNP Paribas is an equal opportunity employer and proud to provide equal employment opportunity to all job seekers. We are actively committed to ensuring that no individual is discriminated against on the grounds of age, disability, gender reassignment, marriage or civil partnership status, pregnancy and maternity, race, religion or belief, sex or sexual orientation. Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency which in turn increase performance and productivity. We strive to reflect the society we live in, while keeping with the image of our clients.