Interim - Group Cyber - Data Privacy Manager

Role for Serbia based with global reach
**Responsabilities**:
Assist with the review and monitoring of the IT Privacy Impact Assessments;
Assist with the review and monitoring of the IT privacy risk assessments & reviews;
Assist with assigned technology / solution onboarding reviews;
Assist with the ongoing monitoring of the IT Compliance Programs;
Policy & Procedure Management;
To conduct and facilitate reviews of IT privacy controls based on standard methodologies and an understanding of technical infrastructure, IT & privacy risk and cyber security;
**Core activities**:
Assist with IT risk assessments and reviews of SOx & non-SOx systems;
Assist with monitoring risk remediation programs with technical teams;
Assist with IT privacy risk assessments and reviews of SOx & non-SOx systems;
Assist with monitoring risk remediation programs with technical teams;
Assist in the maintenance of a register of IT third parties, pre
- and post-onboarding;
Assist with the performance of IT vendor risk gap analysis from a privacy perspective;
Assist with the monitoring of compliance to third party contractual commitments in relation to Privacy requirements;
Assist with the maintenance of related ROPAs;
To assist in the monitoring of compliance to data privacy technical control requirements for designated systems;
Assist with the remediation process for gaps / weaknesses identified;
Assist in the review and maintenance of the repository of Technology & Cyber policies and procedures. Ensure IT policies and procedures are updated from a data privacy point of view, as and when required, while ensuring privacy impacts are considered;
Facilitate reviews of data privacy programs with technical teams;
Carry out reviews to a professional standard;
Issue agreed review finding reports;
Facilitate the remediation process for gaps / weaknesses identified;
Identify areas of improvement;
Evaluate the design and the effectiveness of current data privacy controls.
**Competencies**:
University graduate in the areas of Data Privacy/Computer Science/Information Management Systems/Cyber Security/similar area;
CIPP/E, CIPP/US, CDPSE, CISA, CRISC qualification or actively studying towards one of these;
Strong IT skillset;
Good knowledge of IT and Privacy related frameworks and standards (e.g. Region Specific Regulatory Requirements such as GDPR, CPA, GDPL Brazil, POPIA, DPF, IAPP, Cloud Computing Code of Conduct, COBIT, ISO 27018, ISO 27701, NIST, Trust Principals);
Ability to weigh business risk, provide guidance and enforce appropriate technical controls;
Ability to understand technical requirements and functionality;
Energy, passion and a desire to learn;
Strong written and verbal communication skills;
Excellent interpersonal skills;
Attends relevant special interest groups; belongs to professional organisations;
Fluent English speaker.
About Ardagh Group
Ardagh is passionate about sustainability and have a reputation for innovation. We push the boundaries of what's possible, pioneering new production methods, new design techniques and new ways to recycle and save energy. Our aim is to reduce any negative environmental impact while remaining economically sustainable and socially responsible. We believe that the success of our business depends on the success of our people. We strive to create working environments where our employees feel valued, can work to their fully potential, and where their achievements are celebrated. Here at Ardagh, we offer exciting and rewarding opportunities for taleneted and creative people. If you have ambition and want to make an impact with your career, come and join our team, you'll enjoy the journey
Ardagh Group is an Equal Employement Opportunity (EEO) Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other basis prohibited by federal, state, and local law.
Ardagh Group complies with federal, state and local disability laws and makes reasonable accommodations for applicants and employees with disabilities.