See job description for details
is the cybersecurity company
, specialized in SECURITY ADVISORY
, SYSTEM INTEGRATION
, fully providing consultancy services and integrated solutions.
We support our customers to apply pervasive security
methodologies and tools on all the different stages of the digital transformation
path, while protecting the organizations from cyber attacks
through advanced and innovative methods
for identifying and analyzing risks, vulnerabilities and threats.
This approach allows the enterprises to enhance their security posture
while continuing to operate in optimum conditions
We are looking for an experienced Data Protection and Privacy Consultant (2 to 4 years of experience) that would like to join Spike on its innovative, challenging projects.
Specifically, the resource will be involved in the following activities:
Professional skills and requirements
- Complete and review impact assessments, third parties questionnaires, records of processing activities, subject access requests, and similar data privacy compliance documentation
- Assist with drafting privacy/data protection/security terms for third party agreements and, in case of extra EU data transfer, drafting of Standard Contractual Clauses (SCC) and Transfer Impact Assessment
- Manage privacy by design activities within wider projects, identifying, evaluating, and designing best in class solutions and strategies to support our Clients to mitigate risks and to be able to demonstrate full compliance with the privacy regulations (e.g. GDPR compliance, ISO 27701)
Generally, the candidate must have a working knowledge of data protection and privacy processes, methodologies, standards and best practices. The ideal candidate will have the following requirements:
Nice to have
- At least 2 years of experience in privacy and data protection topics, e.g. developing, implementing and maintaining data privacy policies, procedures and infrastructure
- Deep knowledge of data protection and privacy regulation, standards and best practice, and proven experience in related application (i.e. GDPR, Provisions of the Italian Garante, EDPD guidelines, Cookies, etc.)
- Knowledge of cyber and information security regulation, standards and best practices
- Passion and curiosity for the cybersecurity industry and technology trends, innovations and frameworks with impact on data protection and privacy
- Bachelor degree in computer science, engineering or equivalent
- Solid knowledge of MS Office tools (MS Excel, MS PowerPoint, MS Word)
- Ability to work in large international contexts
- Team work attitude
- Native proficiency in Italian
- Professional proficiency in English, oral and written (at least B2 level).
- Privacy professional certification (e.g. CIPP, CIPM, CIPT)
- Knowledge of general cyber and information security concepts and framework, such as Governance, Risk & Compliance
- Certifications on Information Security and IT Audit (e.g. ISO/IEC 27001 Lead Auditor, CISM, CISA, ITIL, etc.)