Discover ING Hubs Romania

ING Hubs Romania offers 130 services in software development, data management, non-financial risk & compliance, audit, and retail operations to 24 ING units worldwide, with the help of over 1700 high-performing engineers, risk, and operations professionals.

We started out in 2015 as ING’s software development hub – a distinct entity from ING Bank Romania – then steadily expanded our range to include more services and competencies.

Now we provide borderless services with bank-wide capabilities and operate from two locations: Bucharest and Cluj-Napoca.

Our tech capabilities remain the core of our business, with more than 1500 colleagues active in Data Management, Touchpoint Channels & Integration, Core Banking, and Global Products.

We enjoy a flexible way of working and a highly collaborative environment, where fair and constructive feedback is encouraged.

For us, impact isn't a perk. It's the driver of our work.

We are guided and rewarded by a shared desire to make the world a better place, one innovative solution at a time. Our colleagues make it their job to do impactful things and they love doing it in good company. Do you?

The Mission

The Data Protection Expert is responsible to deliver day-to-day data protection executive services to entities within the ING Group. The Data Protection Expert will be working closely with the Chapter Lead Data Protection Executive Services, the DPE teams from other entities within the ING Group, the DPO teams from the corresponding entities within the ING Group, and Group Data Protection Executive Office and Data Protection Office to monitor and support ING Unit’s compliance with the ING’s Global Policy for Data Protection (GPDP) and alignment with the overall personal data strategy of ING Group as a whole.

Your Day-to-Day

Daily activities include collaboration with the relevant stakeholders to:

• Drive the implementation of the GDPR and other relevant legislation, through governance, data inventory, data policies & processes, controls;
• Provide 1st line support and operational assistance on data protection matters for stakeholders in business lines and support functions;
• Monitor the implementation of the GPDP local and global procedures, and other data protection relevant legal acts, regulations, policies and best practices;
• Cooperate with other 1st line teams when the yearly key control testing (KCT) takes place, and offer assistance with the fulfilment of the KCTs;
• Creating awareness and deliver trainings on data protection compliance;
• Assist in the investigation of data breaches, manage data breach notifications, the resolution and remedial action of all data protection incidents and report these where appropriate to the local responsible bodies;
• Manage and provide data protection assistance in the timely and complete filling of Records of Processing Activities along with the involved stakeholders;
• Manage and provide data protection assistance with respect to performing Data Protection Impact Assessments, Legitimate Interest Analysis, Transfer Impact Assessments, along with the involved stakeholders;
• Manage and provide data protection assistance on the implementation of the retention periods for personal data, and take the necessary deletion/destroyal actions after such periods expire,
• Prepare and report on GPDP related metrics and other activity reports and presentations to Group and local stakeholders and bodies in case required;
• Offer advice and support to contract owners by performing an initial data protection assessment on 3rd party contracting (data processed, purposes, subcontractors, 3rd countries etc.),
• Participate in the local implementation of global GPDP programs;
• Engage with those responsible for data protection in the business units and support functions to identify opportunities to improve the way ING protects personal data and support execution.

What you bring to the team

• Bachelor’s degree with approx. 3 years of professional experience in the control/ audit/ consultancy services/ compliance/ legal field connected to the data protection area, preferably in a similar business environment (banking/IT);
• Knowledge of the national and European data protection laws and practices, knowledge of the business sector, understand the processing operations, technologies and data security;
• Good understanding of general banking environment, governance structure, and banking products, services and operational flows;
• Good stakeholder management skills;
• Knowledge of data governance, data quality and data ethics is a plus;
• Legal background and relevant data protection qualifications are a plus: CIPP/E, CIPM, CIPT;
• Ability to develop working processes that provide structure and discipline;
• Experienced user of Microsoft Office package (Word, Excel and Power Point are a must);
• Very good organizing skills, team player with strong communication, negotiation and analytical skills, problem solving oriented, logical and open-minded, ability to work independently;
• English (writing, speaking) advanced.

If you want to deep dive into the processing of personal data conducted by ING Hubs Romania during the recruitment process and your rights related to it, read the privacy notices on our website (make sure to scroll until you reach the Data Protection section/ Candidates tab).