Data Protection Correspondent (m/w/d), München

DAB BNP Paribas ist die Bank für unabhängige Vermögensverwalter, Fondsvermittler, Anlageberater und institutionelle Kunden. In Deutschland führen bereits mehr als 60% aller bei der BaFin zugelassenen Finanzportfolioverwalter ihre Endkundendepots bei uns. Damit sind wir in diesem Segment der klare Marktführer! Für unsere Kunden sind wir heute ein stärkerer Partner denn je: Als Teil des großen Netzwerkes unserer Muttergesellschaft, der französischen BNP Paribas.

Tasks

• Supporting the Territory Data Protection Officer (T DPO) in all tasks of the 2nd Line Risk framework – from definition and management to independent reporting of critical data protection issues
• Supporting and advising the 1st line of defense of your entities on implementation of Group Policies and guidelines on Personal Data Protection and monitor consistency in their implementation
• Overseeing the compliance to Data Subject Rights obligations (identification, responses to Data Subjects, follow-up)
• You are accountable for conducting and overseeing Data Protection Impact Assessments (DPIA), including “Privacy by Design” checks, risk evaluations and the derivation of mitigation measures.
• Supporting the management of the Register of Processing Activities (RoPA) by performing gap analyses and documentation reviews
• You deliver regular awareness and training sessions for the business areas, identify training needs and develop training materials to ensure a high level of data protection across the organization
• Planning, executing and analysing 2nd Line controls in alignment with T-DPO
• Coordinating the collections of monthly reporting on DP Indicators & provide other relevant reportings, aligning the content with the T DPO in advance
• Your tasks also include monitoring and handling Personal Data Breaches (PDB); you produce risk assessments, report to the T DPO and support T DPO on notifications to supervisory authorities, initiate improvement and prevention measures
• Supporting the T-DPO by preparing the communication with external stakeholders, German Supervisory Authorities & Data Subjects
• You participate in committees on DP matters / Report on the status of the DP activities regularly and will be the PI Germany representative in relevant DP Group committees

Profile

• University degree (e.g., Law, Business Informatics, or a comparable field) and at least 5+ years of relevant professional experience in German data protection law, preferably within the banking sector
• You possess a recognized data privacy qualification (e.g., IAPP CIPP/E, CIPP/IT, CIPM) or an equivalent certification, and you are willing to acquire additional qualifications as needed
• Solid knowledge of the internal organization and processes of large enterprises, as well as a deep understanding of data processing and data flow scenarios (business applications, databases, cloud solutions)
• You are experienced in project and change management and can successfully coordinate teams in a matrix-based environment
• Strong analytical skills and have successfully implemented compliance programs for regulatory requirements (e.g., GDPR, BaFin requirements)
• Expertise in interacting with regulators (will be a plus)
• You work with a high degree of independence, structure and integrity, and you can communicate complex data protection topics clearly and persuasively with different stakeholders
• Excellent German and English language skills, both spoken and written