Description
NextLink is a Swiss IT consultancy company that has been providing both IT services and IT staffing to major customers for the past 20 years.
NextLink is currently looking for a IT Security Data Protection Consultant for a well-known pharma company based in St. Cugat, Barcelona, so knowledge and experience in Spanish data protection and privacy laws (LOPD) are a MUST.
Start Date: January 2018
End Date: June 2018
Job Location: St. Cugat, Barcelona 80-90%. Some remote work is possible
Activities:
IT Data Security, data protection and privacy, Information security laws and regulations
Develop, implement, and enforce policies and procedures of the organization's security and privacy program in accordance with applicable laws.
Develop, revise, refine and implement policies, processes, and technical controls to support the data security and privacy strategy
Ensure adherence to privacy/security standards defined, identify top few incidents and work with respective teams/individual to minimize the incidents
Ensure business processes and data exchanges adhere to the policies/laws
Ensure projects and their data processing adhere to the policies/laws
Ensure compliance with applicable data privacy laws
Ensures that management and third party data processors are informed/compliant with policies/laws
Liaises with Legal counsel and advises the Group's IT department in relation to IT and data security issues
Assists with activities to fulfil security and privacy objectives in accordance with business strategy
Maintain working knowledge and understanding of privacy laws and guidelines
Translates legal requirements into workable security solutions
Conduct privacy impact assessments and risk analysis
Skills:
Experience in information security, including knowledge of information security industry standards.
Experience of data classification, ownership/accountability and data privacy
In depth knowledge of data protection, information security practice, requirements and guidance.
Knowledge of and experience in implementing data protection audits and risk assessments
Experience in dealing with data security issues, managing investigations and implementing remediation
Passionate about privacy and personal data protection
Knowledge of and experience in Spanish data protection and privacy laws (LOPD)
Experience in regulatory frameworks in the healthcare/medical device sector