Global Data Protection Officer and Information Security Consultant

We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence.

As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations.

About GSS

As the internal support organization for DNV and DNV owned companies, we deliver shared services within Human Resources, Finance, IT and Real Estate & Procurement to DNV globally. Our mission is to enable DNV to grow, succeed with its business goals and improve competitiveness. Customer experience is at the core of everything we do. GSS is responsible for many of the tools, processes and daily routines that create the backbone of DNV.

About the role

The IT Security Management unit is one of two security units in the Global Shared Services IT (GSS IT) organisation, providing security services internally to DNV. The primary focus of the IT Security Management team is on Governance, Risk, and Compliance (GRC). Their services consist of information security risk management, vendor security assessments, application security assessments, security architecture and security advisory. The unit collaborates closely with DNV Business Areas and DNV Group functions.

The Global Data Protection Officer (GDPO) reports to GSS IT Security Management team but also has a functional line to Group Compliance. In this dual role, you will be responsible for GDPO duties and will also provide information security consulting in GSS IT.

GDPO advises DNV on how to manage personal data in line with Norwegian Regulations and the EU General Data Protection Regulation (GDPR) with legal support from Group Compliance, as part of the compliance programme.

• Your key responsibilities will include, but not be limited to:
• Informing and advising the organisation, including top management, on its personal data protection obligations in collaboration with Group Compliance.
• Coordinating the team of Data Protection Managers, Regional Data Protection Representatives, and other local Data Protection Officers in collaboration with Group Compliance.
• Providing consultation on new processes, systems, and tools for handling personal data.
• Serving as the contact point for handling personal data breaches, for individual data subjects, and for data protection authorities.
• Driving employee awareness and training initiatives related to data protection.
• Providing advice and suggested methodologies for carrying out risk evaluations and Data Protection Impact Assessments (DPIA).
• Informing and reporting the status and achievements to a personal data protection advisory board consisting of senior management, and providing a bi-annual report to the Group CEO.

This role may entail occasional travel to various locations as part of job responsibilities.

Additional notes

• We are accepting applications until the 31st of January 2024.

What we offer

Reasons to join us

• Attractive rewards. We offer a comprehensive benefits package, including 6 weeks annual vacation, subsidised canteen, competitive pension, insurance, and parental leave agreement, in addition to a global profit share scheme.
• Work/life balance. We offer flexible working hours and workplace, with focus on work/life balance for our employees.
• Supportive and caring culture. Our international culture embodies diverse colleagues who value teamwork and inclusion across business areas and borders. We offer opportunities for our employees to connect through social and professional networks. Our largest community CONNECT, throws after-works and informal meetings all year long for you to join.
• Career and development. DNV offers extensive possibilities to grow and develop your competencies and career ambitions. We have a strong company culture with emphasis on growth mindset, knowledge sharing, and professional and personal development.
• By joining DNV you become part of a world-leading company whose purpose is to safeguard life, property, and the environment. Our values “we care, we share, we dare” characterise how we work and behave towards each other and our customers.

DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity.

About you

We are looking for a candidate with:

• A university degree in technological sciences
• Experience with risk management and information security, particularly in privacy and compliance
• Good knowledge of cyber security including privacy
• Authority and independence necessary to address privacy issues, including breaches
• Good knowledge of Microsoft’s product portfolio
• Excellent communication and interpersonal skills
• Fluent proficiency in both English and Norwegian
• Outstanding analytical and problem-solving abilities

Desired personality traits:

• Adaptable, proactive, and service-oriented mindset
• Comfortable navigating new challenges with a personal drive to achieve goals
• High integrity

Preferred:

• Leadership experience
• Experience in IT security processes and planning