Data Protection Compliance Specialist - Tech @ING Hubs Romania

Discover ING Hubs Romania

ING Hubs Romania offers 130 services in software development, data management, non-financial risk & compliance, audit, and retail operations to 24 ING units worldwide, with the help of over 2000 high-performing engineers, risk, and operations professionals. 

We started out in 2015 as ING’s software development hub, then steadily expanded our range to include more services and competencies. Now we provide borderless services with bank-wide capabilities and operate from two locations: Bucharest and Cluj-Napoca. 

Our tech capabilities remain the core of our business, with more than 1800 colleagues active in Data and Analytics Tech, Tech Foundation and Channels, Retail Core Banking and Architecture, and Global Products and Technology Services. 

We enjoy a flexible way of working and a highly collaborative environment, where fair and constructive feedback is encouraged.  

For us, impact isn't a perk. It's the driver of our work. We are guided and rewarded by a shared desire to make the world a better place, one innovative solution at a time. Our colleagues make it their job to do impactful things and they love doing it in good company. Do you? 

The Mission

You will work within the vertical Group Data Protection Compliance, a department within Compliance that is in place starting March 2023. Data Protection Compliance is an important risk area with growing interest from both internal and external stakeholders.

As a Global Data Protection Compliance Specialist, you are (or can become) an expert on the area of Data Protection Risk Management, as this is a key compliance risk that the bank needs to manage. You have freedom to organize your work according to your own expertise and insights within team setting.

You will be member of the Global Data Protection Risk Management team that is responsible for global oversight of the Global Data Protection Policy (GDPR) and Global Record Retention and Deletion Policy (GRRD) risk and owns risk management direction for the organization to operate within risk appetite.

Although this is a virtual team, occasional travelling to Amsterdam is part of the function.

The Global Data Protection Compliance Risk Management team forms with the Data Protection Compliance Policy & Advisory team the vertical Data Protection Compliance.

Your day to day

As Data Protection Compliance Officer – IT/Tech, you:

• Proactively monitor and challenge technology-driven processing activities to identify data protection risks;
• Act as 2LoD) for data protection and record retention risks and controls;
• Apply strong technical insight to assess risks in system architecture, cloud services, APIs, data integrations, automation, and AI solutions;
• Track progress and closure of remediation of data protection risks (MIA’s/issues), including specific projects or program with global scope;
• You contribute to global functional oversight, monitoring and reporting activities;
• Participate in multidisciplinary/virtual risk and project teams and contribute to DPC global deep dive reviews and other initiatives.

What you’ll bring to the team

• 5+ years of experience in Data Protection, compliance, risk management, or (IT) audit (1LoD/2LoD), preferably in banking;
• Strong understanding of IT ecosystems, including applications, infrastructure, cloud, and data platforms;
• Profound knowledge of GDPR and preferably internal data protection policies;
• Ability to translate regulatory requirements into technical risk insights and controls;
• University degree or equivalent experience in Law, IT, Computer Science, Information Security, or related field;
• Excellent English communication skills.

If you want to deep dive into the processing of personal data conducted by ING Hubs Romania during the recruitment process and your rights related to it, read the privacy notices on our website (make sure to scroll until you reach the Data Protection section/ Candidates tab).