Data Risk Manager H/F
Schneider Electric
Paris
EUR 60 000 - 80 000
Description du poste
Job Purpose
The Data & Performance (D&P) organization drives the Company's agenda to deliver Trust Data @ Scale. As part of this, it also owns the company's data security strategy and initiatives to ensure proper data guardrails are in place.
Aligned to our Code of Conduct, the Trust Charter, and the regulatory landscape, we are seeking an experienced Data Risk Lead with an innovative, agile, and pragmatic mindset to secure data flows, architecture, bolster regulatory compliance, and future-proof our Data Strategy for existing and emerging threats.
The role will suit you if you have:
- External or internal consulting/advisory experience
- Experience in data risk and data privacy in other parts of SE such as product or digital
- Able to distill complexities into a succinct story for executive (e.g. 1-pager PowerPoint)
- Able to collaborate with vendors, digital, business/functions, etc.
- Have data analytics, security, or data access knowledge and experience
Duties and Responsibilities
- Lead the Data Risk management activity (inc. focus on Data privacy and protection), governing the rollout of policies, controls, standards, and maturity measurement
- Lead key Data Risk & Security Portfolio initiatives, such as our data privacy and protection program
- Support Data Risk governance topics such as data risk assessments, privacy reviews, and data residence or data localization
- Proactively engage the network of Data Officers & Data Domains with respect to Data Risk while providing guidance and mentoring to Data Offices as needed
- Animate innovation and knowledge exchange on data risk best practices, education, and awareness initiatives
- Assess, digest, and help divisions implement emerging data regulations
- Using data and learnings from incidents, assessments, and audits to drive our strategy
- Provide dashboard to management visibility of data risks
- Manage ISO 27710 to achieve compliance and drive maturity
- Collaborate and work as a team (internal and external) to achieve team objectives
- Develop and deliver training education and awareness initiatives
- Provide guidance and ensure Business Data Offices' continuous compliance with Schneider Electric security, legal, and data privacy policies and standards.
Qualifications
Experience
The candidate is expected to have achieved an industry-recognized privacy certification (e.g. CIPT or CIPP/E) and/or an academic university degree.
- External or internal consulting/IT advisory experience is valuable
- Experience in data security in other parts of Schneider Electric such as product or digital is relevant, including topics such as data classification or data leakage.
- Able to distill complexities into a succinct story for executive (e.g. 1-pager PowerPoint)
- Risk Assessment & Management skills / Audit capabilities: certifications, crown jewel evidence, BCP on track, post mortem on security incidents for governance adherence, overall reporting on security platform incidents
- Experience in developing security policies & processes
Professional Experience and Competences
- Four (4) to six (6) years related professional experience in the privacy field, including previous performance of privacy reviews
- Law Degree can be relevant, although we will evaluate candidates with different backgrounds.
- Privacy and/or Information Security certification (e.g. CISSP, CISM, CIPP, CIPM) and knowledge of applicable privacy regulations and frameworks (e.g. GDPR, CCPA, NIST CSF) desirable
- Experience in global positions and involvement in projects that impact multiple data laws and regulations will be valued
- Relevant education or external accreditation in the areas of data protection, security, audit, quality, or risk management would be a plus.
- Strong communication (including in a technical manner) and collaboration skills are required
- Ability to handle complex information, solve problems, and manage multiple tasks
- Strong organizational skills are required
Soft Skills
- "Customer first, Innovation Oriented" ways of working (flexible, personable, approachable, creative, bias-to-action and pragmatic)
- Strong problem-solving skills.
- Strong written and verbal communication skills to effectively communicate security principles, policies, and procedures into actionable designs and simple to follow mitigation steps for team members
- Ability to work under tight deadlines and self-prioritize responsibilities.
- Innovative, creative, entrepreneurial
- Team player & relationship builder
- Corporate - understanding company strategy and how it relates to our Data Strategy
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Décrochez un poste
plus rapidement
plus rapidement
