Intro:
As a Data Privacy Counsel and DPO you will join a growing legal team of a scale-up crypto company, which is expanding its operations and presence in Lithuania.
Job Summary:
As the Data Privacy Counsel & DPO, you will dedicate 80% of your time to DPO responsibilities and DORA compliance. This includes managing data protection strategies, ensuring regulatory compliance, and guiding the organization on data privacy matters. Additionally, you will support IT security efforts and assist with IT and software agreements to ensure compliance across all digital operations.
Key Responsibilities:
Data Privacy & DPO Responsibilities
• Act as the Data Protection Officer (DPO), leading the development and oversight of data privacy policies to comply with GDPR and other data protection regulations.
• Conduct data protection impact assessments (DPIAs) and ensure privacy-by-design principles are integrated into all projects.
• Serve as the main contact point for data protection authorities, managing inquiries, regulatory filings, and any investigations.
DORA Compliance
• Develop and implement compliance programs for the Digital Operational Resilience Act (DORA), coordinating closely with IT and operational teams.
• Lead operational resilience assessments, incident response planning, and risk management processes to meet DORA standards.
• Prepare for and manage DORA compliance audits, working to continuously improve operational resilience measures.
IT Security
• Collaborate with IT teams to develop and implement cybersecurity policies and controls aligned with regulatory requirements.
• Conduct regular IT security risk assessments and provide guidance on mitigating risks to data integrity and security.
• Ensure ongoing alignment of IT practices with data protection and security standards.
IT Software Agreements
• Review and advise on IT software agreements to ensure compliance with data protection, DORA, and IT security requirements.
• Work with legal, IT, and procurement teams to evaluate vendor risk, securing adherence to data protection and privacy standards in third-party agreements.• Master’s degree in Law; additional certifications in Data Protection (e.g., CIPP/E) or Information Security (e.g., CISSP, CISM) are a plus.
• Minimum of 4 years of experience in data privacy law, regulatory compliance, or a similar role, with strong knowledge of GDPR, DORA, and IT security frameworks.
• Proven expertise in developing and implementing data protection and privacy policies, as well as experience in IT security best practices.
• Strong analytical and problem-solving skills, with the ability to communicate complex legal and regulatory requirements effectively across departments.
Why Join Us?
How to Apply:
If you meet the above qualifications and are excited about contributing to our team, we encourage you to apply!