Data Security, Risk & Compliance Manager - Responsable Sécurité des informations, Risque et Conformité H/F

Data Security, Risk & Compliance Manager - Responsable Sécurité des informations, Risque et Conformité H/F

  

This role has been designed as ‘Hybrid’ with an expectation that you will work on average 2 days per week from an HPE office.

Who We Are:

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.

Job Description:

   

As the Data Security, Risk & Compliance Manager, you are the single point of contact and trusted advisor into the HPE trust Office for Privacy, Data Protection regulations to protect our French entity and promote our solutions. Your regular risk assessment and continuous regulation monitoring should maintain our compliance with local requirements.

Your Missions

• Manage Personal and Sensitive Data Protection in line with local regulations and HPE policies
• Be the interlocutor of CNIL: acting as DPO and able to transcript recommendation into IT solution
• Be responsible of all data security commitments and elaborate data security awareness trainings
• This role should prevent or cover potential crisis management mainly around data breach in alignment with local regulation and contractual commitments.
• Ensure RFP support for security aspects around Privacy and data resilience requirements.
• Promote HPE security solutions with data protection angle to customers DPO, CDO, GRC and be able to participate to whitepaper or article around this topic.
• Be the local expert concerning European standards or regulations (RGPD, NIS 2, DORA, CRA, AI Act…) to support local deployment in alignment with corporate recommendations when required.
• Maintain liaison with domestic and international law enforcement, governmental security and intelligence agencies, industry organizations, and relevant organizations and individuals
• Work with Security partners to provide data protection solutions to our customers in line with local security regulations and build presentation with our Demo Center in Geneva.
• Responsible for protecting HPE global assets and interests which include data, property, brand.

Education and Experience Required: 

• Qualified at a minimum of Engineer’s Degree level
• 10+ years’ experience in Data Privacy, Data Protection or GRC (Governance, Risk, Compliance)
• Some certifications such as CIPP, DPO, ISO27005, Ebios, NCSP Practitioner

Skills and expertise:

• Security and Risk Management – Data Security
• Legal background around Data Privacy
• Demonstrates excellent consultative skills
• Fluent in English and French

Specific skills sought

• Experience in cybersecurity projects aligned
• Expertise in cryptology, tokenisation or anonymization solutions (HSM, BYOK/HYOK)
• Good understand of news risk around AI potential attacks and mitigations
• Strong knowledge of European regulations: RGPD, NIS2, DORA, CRA, IA Act, SNC V3.2/EUCS
• Eligibility to security clearance (habilitation secret) is preferable for this role

Soft skills

• Discretion, diplomacy, confidentiality, resourcefulness
• Very good communication skills (both written and oral) and customer relations
• Analytical thinking to interpret complex legal and technical information, and assess privacy risks
• Leadership to make decision under pressure and inspire confidence
• Stakeholder management with internal teams (legal, IT, HR, Marketing), external regulators and customers

Additional Skills:

Accountability, Accountability, Action Planning, Active Learning (Inactive), Active Listening, Bias, Business, Business Growth, Business Planning, Business Relationship Management (BRM), Business Relationships, Coaching, Commercial Acumen, Creativity, Critical Thinking, Cross-Functional Teamwork, Customer Experience Strategy, Customer Relationship Management (CRM), Data Analysis Management, Data Collection Management (Inactive), Data Controls, Design Thinking, Empathy, Follow-Through, Growth Mindset {+ 9 more}

What We Can Offer You:

Health & Wellbeing

We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.

Personal & Professional Development

We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division.

Unconditional Inclusion

We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.

Let's Stay Connected:

Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE.

Job:

Public Aff

Job Level:

Master

    

HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity.

Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities.

   

HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.