IT Compliance and Privacy Specialist (GRC)

México
Permanente
Tiempo completo

Hace 20 días

Job Title IT Compliance and Privacy Specialist (GRC)Job DescriptionAbout SignifyThrough bold discovery and cutting-edge innovation, we lead an industry that is vital for the future of our planet: lighting. Through our leadership in connected lighting and the Internet of Things, we're breaking new ground in data analytics, AI, and smart solutions for homes, offices, cities, and beyond.At Signify, you can shape tomorrow by building on our incredible 125+ year legacy while working toward even bolder sustainability goals. Our culture of continuous learning, creativity, and commitment to diversity and inclusion empowers you to grow your skills and career.Join us, and together, we’ll transform our industry, making a lasting difference for brighter lives and a better world. You light the way.More about the roleYour ChallengeAre you looking for an exciting new opportunity within Governance, Risk, and Compliance (GRC) that offers high visibility, close collaboration with adjacent compliance domains such as data privacy, and ample opportunities for personal and career growth? If so, we invite you to apply for the Senior IT Compliance & Privacy Manager position.Your ResponsibilitiesAs a Senior IT Compliance & Privacy specialist, you will be responsible for executing, optimizing, and, where necessary, defining the IT compliance management program. This program has a broad enterprise-wide impact, influencing vendor contracts and mitigating substantial compliance risks.Your key responsibilities include:

Supporting corporate compliance programs to ensure adherence to all applicable laws and regulations, particularly Data Privacy Law.
Assisting in monitoring and analyzing statutory and regulatory updates and contributing to the drafting of corresponding policies and procedures.
Conducting compliance, risk, and internal audits/assessments to identify and mitigate compliance risks.
Providing compliance and privacy support, including guidance for employee training programs.
Leading Business Impact Assessments (BIA) to identify and mitigate risks associated with key business processes.
Integrating privacy considerations into the design and development of services and products, ensuring compliance from inception.
Conducting Privacy Impact Assessments (PIA) to identify and mitigate risks related to personal data processing, particularly in Digital, AI, and Security domains.
Managing processes for identifying, reporting, and remediating personal data breaches, ensuring compliance with legal obligations.
Collaborating with internal stakeholders to embed compliance and data privacy into all organizational processes.
Staying informed about changes in global data protection regulations and adjusting company policies and procedures accordingly.

Our TeamThe GRC team plays a crucial role in supporting and driving the organization's vision by delivering key capabilities and fostering a culture of compliance, risk awareness, and ethical behavior. We strive for continuous improvement, aiming to establish best-in-class business processes aligned with strategic objectives while maintaining a cost-efficient IT landscape. Our team works closely with adjacent compliance domains such as data privacy, ensuring a reliable and value-driven IT organization.You will be an integral part of the GRC team, reporting to the GRC Compliance Manager.What We Are Looking For

A Master’s degree in a relevant field such as IT, Compliance, or Data Privacy.
10+ years of IT-related work experience, with at least 5 years in audit functions (including experience with SAP).
Experience working in a complex international organization with multiple stakeholders.
Strong competencies in IT risk management, data privacy laws, and their interaction with security functions.
Experience in senior management interaction and stakeholder engagement.
Excellent understanding of compliance management, audit processes, and information risk concepts, along with industry best practices.
Relevant certifications such as COBIT, ISO 2700x, CISA, CISSP, CIPP, or other compliance-related credentials are preferred.
Experience with compliance tools and platforms.
In-depth knowledge of legal and regulatory requirements, particularly GDPR and other data privacy laws.
Knowledge and experience in Artificial Intelligence (AI) will be an advantage.
Strong interpersonal and communication skills, with the ability to translate security and risk concepts for both technical and non-technical audiences.

Our OfferWe offer you innovative work environment with excellent opportunities for personal and professional development. You will be part of a dynamic, global team, driving compliance excellence and contributing to a secure, risk-aware organization.If you are ready to take on this exciting challenge, we look forward to receiving your application!Come join us, and together we can light the way.#LI-MA1

Signify

Postularse