Data Protection Officer - KD1217

The Data protection Officer will mainly be responsible for overseeing data protection strategy and implementation to ensure compliance of our Institute with GDPR requirements, while our RDI staff continues to aim at excellence in Research, Development and Innovation activities
1A-B, rue Thomas Edison, Strassen 1445, Luxembourg
19/12/2017 16:42:54
Key Accountabilities

·         Inform and advise the institute and its staff about the obligations pursuant to applicable data protection legislation;

·         Act as the contact point for any internal questions raised on data protection issues;

·         Monitor compliance with applicable data protection legislation and with the institute policies related to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved, and related audits;

·         Maintain a record of data processing activities;

·         Maintain a registry of the institute’s research related databases;

·         Provide advice where requested as regards data protection impact assessment and monitor its performance;

·         Identify the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing;

·         Serve as the point of contact between the company and GDPR Supervisory Authorities; for example the Luxembourg Data Protection Authority (CNPD), lawyers and policy makers

·        Act as the contact point for the CNPD on issues relating to processing, including the prior consultation, and consult, where appropriate, with regard to any other matter as well as for data subjects relating to processing carried outby the institutes

·         Design security action plans, dashboards and indicators enabling LIH/IBBL to monitor, maintain and improve the data protection policy;

·         Contribute to align organizational and technical measures with the institutes data protection compliance target


·         University degree (Master or higher) in Law, Economics, Business Management, Life or Medical sciences and/or IT (big data). Any certification in the field of data protection such as the IAPP CIPP/E and/or CIPM Certifications is an asset;

·         Min. 3-5 years of professional experience in the data protection field (ideally in a Research Environment);

·         Very good knowledge of the legal, technical, IT and organizational framework regarding data protection and GDPR regulation;

·         Very good analysis and synthesis capacity;

·         Strong ability to adapt and work easily with different staff members, at different levels, as well as transversally;

·         Fluent in French and English, proficiency in German and/or Luxembourgish is a plus.

CDI - Full time - Available immediately