The Privacy Officer (PO) oversees all ongoing activities related to the development, implementation, and maintenance of the organization’s information privacy practices - globally.
The initial focus of this position will be toward the European Union General Data Protection Regulation (GDPR), but also be responsible for other global privacy regulations and initiatives impacting NTT Security.
Leads the Global privacy direction of NTTS.
Fulfils the statutory functions of the Data Protection Officer for NTTS operations within the EU, as required under the GDPR, including but not limited to;
informing and advise NTTS of their obligations under GDPR and other relevant privacy law;
monitoring compliance with the GDPR, and data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;
providing advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35 of the GDPR;
acting as the contact point for the supervisory authority on issues relating to processing, including the prior consultation referred to in Article 36 of the GDPR, and to consult, where appropriate, with regard to any other matter;
Provides development guidance and assists in the identification, implementation, and maintenance of organization information privacy policies and procedures in coordination with organization management and administration, the Executive Leadership Team and legal counsel.
The PO will be a strategic thought leader and have a proven track record of integrating privacy requirements with business functions.
Bachelor’s degree in Computer Science, Information Management, Business Administration, Information Security, Information Assurance, Information Systems, or other relevant field.
Certified in Data Protection, or Privacy Certification.
Ten years of relevant work experience designing, implementing, or auditing in Data Protection and / or Privacy processes, technologies, and practices.
Five years senior management experience in data protection, privacy, legal audit or compliance.
Deep knowledge of privacy regulations, data protection regulations, and information governance best practices.
Excellent communication skills (BoD, EC, Leadership, and Non-leadership) and negotiation skills.
Excellent leadership, creativity, presentation, writing, and collaboration skills.
Demonstrated Business Strategy, Security Strategy, Risk Management, Data Protection, and Privacy Skills.