Global Data Protection Officer (GDPO)

We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliable insights so that critical decisions can be made with confidence.

As a trusted voice for many of the world’s most successful organizations, we use our knowledge to advance safety and performance, set industry benchmarks, and inspire and invent solutions to tackle global transformations.

About the role

The Global Data Protection Officer (GDPO) is a guardian of privacy and plays a key role in advising DNV how to handle personal data and safeguard privacy. The GDPO will have the opportunity to influence key decisions and drive the culture of privacy within DNV, ensuring that individuals’ privacy is respected and protected, building trust and integrity for DNV. The right candidate will have a unique opportunity to influence DNV’s privacy strategy and be a key player in defining the future of privacy as a tool to build trust in the digital age.

The GDPO advises DNV on how to manage personal data in line with Norwegian legislation and the EU General Data Protection Regulation (GDPR) with legal support from Group Compliance as part of the compliance program.

The GDPO belongs to Global Shared Services IT (GSS IT), the IT Security Management section, but does also have a functional line to Group Compliance.

The IT Security Management unit is one of two security units in the GSS IT organisation, providing a wide variety of security services internally to DNV. The primary focus of the IT Security Management unit is on Governance, Risk, and Compliance (GRC). Their services consist of information security risk management, vendor security assessments, application security assessments, security architecture and security advisory. The unit collaborates closely with DNV Business Areas and DNV Group functions.

Key responsibilities:

• Inform and advise the organisation, including top management, on personal data protection obligations in collaboration with Group Compliance.
• Coordinate the team of Data Protection Managers, Regional Data Protection Representatives, and other local Data Protection Officers in collaboration with Group Compliance.
• Guide teams and influence stakeholders by providing consultation on new processes, systems, and tools for handling personal data.
• Serve as the contact point for individual data subjects and for the data protection authorities, as well as contact point for handling personal data breaches.
• Drive employee awareness and training initiatives related to personal data protection.
• Provide advice and suggested methodologies for carrying out risk evaluations and Data Protection Impact Assessments (DPIA).
• Inform and report the status and achievements to a personal data protection advisory board consisting of senior management and provide a bi-annual report to the Group CEO.

This role may entail occasional travel to various locations as part of job responsibilities.

What we offer

As a GDPO you will have a unique opportunity to gain a prestigious position where your voice matters. You will have the chance to steer your career towards a path that is impactful, in demand, and at the heart of modern business ethics.

You will play a key role in shaping DNV’s data privacy and compliance responsibilities, increase personal visibility within the organization and engage with top-level management. You will be offered a seat to represent DNV in an external privacy network with the chance of collaboration and networking with top privacy expertise in Norway.

The position offers excellent opportunities for both professional and personal growth in an international environment with a high focus on competence, innovation, and teamwork. You will have the chance to collaborate across borders with highly skilled colleagues to contribute to making the world safer, smarter, and greener.

The GDPO role presents unique possibilities for making a direct impact on how DNV lives up to its vision and tagline ‘when trust matters.’

DNV is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity.

About you

We are looking for a candidate with:

• A university degree in technological sciences
• Extensive experience with risk management and information security
• Solid knowledge on data protection laws, including GDPR
• Minimum 5 years relevant experience withing privacy / personal data protection
• Authority and independence are necessary to address privacy issues, including breaches
• Good knowledge of Microsoft’s product portfolio
• An established contact network with effective engagement skills for both senior management and IT professionals
• Excellent communication and interpersonal skills
• Fluent proficiency in both English and Norwegian
• Outstanding analytical and problem-solving abilities

Desired personality traits:

• Adaptable, proactive, and service-oriented mindset
• Comfortable navigating new challenges with a personal drive to achieve goals
• High integrity

Preferred:

• Leadership experience
• Certification as a privacy or data protection officer, e.g. IAPP CIPM
• Experience in IT security processes and planning