Informacje o stanowisku

We are seeking a Cybersecurity Data Protection Analyst to support and drive privacy risk management initiatives within the Enterprise Cybersecurity Risk team. This role plays a key part in ensuring that personal data processed through digital platforms, IT systems, and security technologies is handled in compliance with applicable data protection regulations and internal governance standards, while remaining aligned with broader cybersecurity risk practices.

• Have a solid understanding of data protection, information security, and risk management principles.
• Can translate business and regulatory risks into structured, actionable security or privacy controls.
• Demonstrate strong stakeholder management, communication, and influencing skills.
• Communicate confidently in English, both written and spoken, and can engage effectively with stakeholders at all organizational levels.
• Are comfortable working in complex, international, and matrix-based environments.
• Have practical experience with GRC platforms, including their configuration and use for risk and compliance activities.
• Are familiar with key cybersecurity and data protection frameworks and regulations such as NIST CSF, ISO 27001, NIS2, and GDPR.

We are seeking a Cybersecurity Data Protection Analyst to support and drive privacy risk management initiatives within the Enterprise Cybersecurity Risk team. This role plays a key part in ensuring that personal data processed through digital platforms, IT systems, and security technologies is handled in compliance with applicable data protection regulations and internal governance standards, while remaining aligned with broader cybersecurity risk practices.

,[Lead and perform Data Protection Impact Assessments (DPIAs) for both new and existing systems, including applications, cloud environments, and security tools. , Identify and evaluate privacy risks associated with personal data processing, with particular attention to high-risk activities. , Ensure DPIAs are conducted in accordance with relevant regulatory obligations and internal governance requirements. , Review and assess the adequacy of Technical and Organizational Measures (TOMs) designed to safeguard personal data. , Verify that implemented controls are risk-based, proportionate, and appropriate to the scale, context, and purpose of processing activities identified during assessments. , Provide clear recommendations and support decision-making related to risk mitigation, acceptance, or escalation in cooperation with Compliance and other stakeholders.  Requirements: GRC, NIST, GDPR, NIS2, ISO27001, Information Security, Privacy Controls, risk management, compliance

Praca Warszawa

Warszawa - Oferty pracy w okolicznych lokalizacjach