Data Protection Officer

  • Kraken
  • Remote
  • Feb 10, 2021
Full time Compliance

Job Description

About the Role


This role will lead our compliance with Data Privacy regulations globally and serve as the designated DPO in all jurisdictions, as required.  Candidate must communicate effectively with members from all levels of the company to educate, guide, and inform of our obligations to protect customer information.  The successful individual will also engage in any "event" where privacy may have been violated and take an active role to ensure that our disclosure and reporting requirements are fulfilled.

Responsibilities

  • Develop, implement, and maintain a data privacy program in accordance with GDPR and other relevant international data protection regulations
  • Ensure proper registration with Data Privacy authorities for all Kraken subsidiaries globally
  • Inform, advise and issue recommendations to the company regarding data privacy and protection compliance
  • Actively collaborate and coordinate with all stakeholders in the event of a data breach or other incident
  • Manage internal and external privacy compliance audits
  • Foster a data protection culture within the company and help to implement essential elements of the GDPR, such as the principles of data processing, data subjects’ rights, data protection by design and by default, records of processing activities, security of processing, and notification and communication of data breaches
  • Conduct data protection impact assessments (DPIAs)
  • Draft policies and standard operating procedures related to privacy and data storage
  • Serve as the point of contact between Kraken and all data protection authorities
  • Provide regular data protection-related training of regulations and company procedure updates to staff
  • Monitor performance and providing advice and reports on the impact of data protection efforts to stakeholders at the all levels including executives
  • Maintain comprehensive records of all data processing activities conducted by the company, including the purpose of all processing activities, which must be made public on request
  • Interact and communicate effectively with data subjects to inform them of how their data is being used, their rights to have their personal data erased, and what measures the company has put in place to protect their personal information
  • Staying current of events and developments in the InfoSec and Privacy sector

Requirements

  • Expertise in European, and international data protection laws and practices and an in-depth understanding of the GDPR, CCPA, and similar regulations
  • Exceptional communication skills and ability to interact with all stakeholders; executives, employees, and clients
  • 5+ years of experience in data protection program management;
  • Familiarity with privacy and security risk assessment and best practices, privacy certifications/seals, and information security standards certifications
  • Sound understanding of and familiarity with information technology programming and infrastructure, and information security practices and audits;
  • Adequate self-awareness and confidence to acknowledge knowledge gaps and seek to fill them from reliable sources
  • Sufficient understanding of the processing operations carried out, as well as the information systems, and data security and data protection needs of the employer;
  • Relevant certification (CIPP, etc) is preferred
  • Ability to handle information and business affairs with secrecy and confidentiality as appropriate
  • Demonstrated leadership and project management experience
  • Knowledge of the virtual currency space and Kraken