Data Compliance Officer

Lisbon, Portugal
Operations – Finance
Full-time
Unbabel’s“Translation as a Service” platform allows modern enterprises to understand and be understood by their customers in dozens of languages.

Powered by AI and refined by a global community of tens of thousands of human linguists, Unbabel delivers professional-grade content at the scale required by modern enterprises like Facebook, Microsoft, Under Armour, Pinterest and Expedia.

Backed by Scale Venture Partners, Notion, Microsoft Ventures, Salesforce Ventures, Samsung NEXT and Y Combinator, Unbabel is accelerating the shift to a world without language barriers.
We are a diverse team, working every day to build an outstanding organisational culture, based on strong values of transparency, team spirit and continuous learning, with a fast-paced Silicon Valley atmosphere in the beautiful city of Lisbon, Portugal.

We are currently seeking a Data Compliance Officer for our team in our Lisbon office to ensure our company is compliant with the General Data Protection Regulation (GDPR), and all legal issues even if not related to data protection.

The DCO will report to our senior management. Data Protection Officer responsibilities include advising on our compliance with GDPR and local data protection laws, monitoring our adherence to legal standards and acting as a point of contact with supervisory authorities and data subjects. You will also create policies that enforce compliance with legislation and deliver GDPR trainings to our staff to increase awareness of data protection measures.

To be successful in this role, you should have in-depth knowledge of GDPR and local data protection laws and be familiar with our industry and the nature of its data processing activities. You should also know how to perform audits to our current procedures.

Ultimately, you will facilitate GDPR and legal compliance through transparent data protection policies, systems and procedures.

Responsibilities

    • Act as point of contact with EU residents, supervisory authorities and internal teams
    • Identify and evaluate the company’s data processing activities
    • Provide advice and instructions on how to conduct Data Protection Impact Assessments (DPIAs)
    • Monitor data management procedures and compliance within the company
    • Participate in meetings with managers to ensure privacy by design at all levels
    • Maintain records of processing operations
    • Ensure we address all queries from data subjects within legal timeframes (e.g. delete their information from our databases)
    • Liaise with other organisations that process data on our behalf
    • Write and update detailed guides on data protection policies
    • Perform audits and determine whether we need to alter our procedures to comply with regulations
    • Offer consultation on how to deal with privacy breaches
    • Arrange for training on GDPR compliance for employees
    • Follow up with changes in law and issue recommendations to ensure compliance
    • Ensure the compliance of all contracts (customers and vendors)
    • Support auditing certifications ISO 27001, PCI DSS, SOC. 
    • Support an internal compliance regime across all organization.
    • Maintain and test of Unbabel's business continuity and disaster recovery plans.
    • Document and maintain security and compliance related policies and procedures.
    • Advise the business as a whole, teams and colleagues on compliance matters.
    • Improve Unbabel's internal compliance awareness training.
    • Monitor the incident management reports and escalating material concerns.
    • Support information security risk assessments, registering and managing risks or other incidents. 
    • Support and enhance other customers/external audits, following up on any corrective actions that are identified
    • Respond to clients requests for compliance related information 
    • Maintaining a database of compliance materials and standard responses
    • Creation of appropriate reports and documents.

Key relationships

    • Finance, Sales, Engineering

Qualifications & Skills

    • Law degree (mandatory)
    • High verbal and written communication in English(C1 CEFR level)
    • Experience in data protection and legal compliance
    • Work experience in data protection and legal compliance is a plus
    • Solid knowledge of GDPR and national data protection laws
    • Knowledge of data processing operations in the SaaS environment is preferable
    • Familiarity with computer security systems
    • Ability to handle confidential information
    • Ethical, with the ability to remain impartial and report all noncompliances
    • Experienced management systems auditor
    • A broad understanding of quality standards and associated principles
    • An understanding of information security risks, issues and measures
    • Effective interpersonal, influencing and negotiation skills
    • Excellent communication and presentation skills and an ability to communicate effectively with both an internal and external audience
    • Strong written communication skills (including experience in policy writing)
    • Strong organisational skills and the experience to continually prioritise and respond to the changing needs of the business
    • A pragmatic approach and the ability to adapt to change as the organisation continues to expand.

Benefits

    • Competitive salary at one of Europe’s leading tech startups
    • Stimulating startup environment committed to diversity and inclusion
    • Individual budget for training and conferences
    • Individual budget to setup your workstation  (mechanical keyboard, mouse, etc.)
    • Stock options
    • Health Insurance
    • MacBook and external monitor
    • Yearly company retreat
    • Healthy food(fruit, dairy & snacks) in the office
    • English, Portuguese and Japanese language courses
    • Surf trips every Thursday morning before work
    • Team lunch every Tuesday
    • Drinks and snacks every Friday
Sounds great, doesn't it? If this position fits your profile, apply now with your CV in English!
(We are not accepting candidates coming from recruitment agencies at this moment)