Third Party Compliance Analyst, Data Privacy and Information Security Risks

Third Party Compliance Analyst, Data Privacy and Information Security Risks, Poznań

It is an exciting time to be joining Carlsberg’s Data Protection and Privacy Team as we are expanding and centralizing our capabilities to screen our service providers to ensure they meet Carlsberg’s requirements for data protection, privacy, and information security.

To maintain resilient and compliant operations, it is crucial to ensure that the third parties we interact with do not pose a risk to Carlsberg and that a certain level of maturity is in place to meet privacy and information security requirements.

The Data Protection and Privacy Operations team is a part of IIT and we are responsible for ensuring that personal and sensitive data is protected according to GDPR requirements.

IIT is the global provider of technology services to all business functions, regions, and markets in the Carlsberg Group.

We are a global organisation, and we have a tight collaboration with our local markets in all three regions: Western Europe, Central & Eastern Europe and Asia.

What you’ll be doing

You will be a part of a bigger team supporting IIT GRC (Information Security) and Legal & Compliance (Data Protection). You will be collaborating closely with information security and privacy SMEs and other functions with Carlsberg.
In this role you will manage the process flow end-to-end and ensure that both the initial screening is conducted and that all risks are recorded, managed and assigned to the right stakeholders in the organisation.

You will also:

• Ensure the workflow on our vendor risk management platform is maintained and operational
• Be the interface between Procurement and the Security and Privacy functions in screening third parties
• Perform the initial screenings and assessments of vendors
• Play a key role in ensuring all risk mitigations are recorded and communicated to the business owners and contract managers
• Monitor critical third parties
• Coordinate audit activities with contract owners and security and privacy teams
• Ensure all screenings are aligned with Carlsberg policies and standards

What we’re looking for

• Solid process understanding
• Systematic approach to navigating in a complex environment
• Someone who enjoys collaborating across functions
• Technical understanding of security and data privacy controls
• Experience from either procurement or with screenings of vendors
• Someone who has certifications within security or data protection (such as ISO 27001, CIPP/E, CIPM, or CIPT) or would be committed to obtaining them.
• Knowledge of directives and frameworks such as NIS2 and GDPR, ePrivacy Directive, EDPB guidelines.
• Someone available for business travel 

What you can expect

We’re asking for a lot, but you’ll be well-rewarded with:

• Focus on your development
• Fun and informal work atmosphere, in a truly global team
• Great professional challenges and chances to grow
• Flexible working hours
• Working in a hybrid mode (min. 2 days in the office per week)
• Private health care, accident insurance, and MyBenefit system at your disposal
• Annual bonus
• Holiday benefit “Wczasy pod Gruszą”
• Christmas gift & MyBenefit points
• Additional holiday for Birthday & job anniversary
• Internal trainings
• Periodical beer allowance & 0% beer available at the office
• Co-financed lunch
• Well-being platform
• Social events such as e.g. Thursday Bars in the office
• Employee Referral Program
• Bike parking space
• Modern ergonomic office space with a chillout zone
• Exciting growth and development opportunities within the organization
• Working in a passionate, international environment.

We read applications continuously and vacancies may be filled anytime. We look forward to receiving your application.

Carlsberg Group: Brewing for a better today and tomorrow

For us success has always been in the diverse mix of our people, our beers and our brands. At Carlsberg, we want to recruit and develop people with a global mindset, cultural understanding, and international experience to ensure that our organization stays agile, inclusive and prepared for future growth. Only by acknowledging and harvesting from different perspectives and experiences, will we gain competitive advantage and leverage the effect of diversity for business growth. Carlsberg aims to create equal access to opportunity regardless of social identity, and we encourage everyone to apply regardless of gender, nationality, race, religion or any other characteristics protected by law.