Job
Description
EC-Council is the world's largest cyber security technical certification body. We operate in 145 countries globally and we are the owner and developer of various world-famous cyber security programs. We are proud to have trained and certified over 220,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide. The role of DPO as supporting Data Protection Officer (DPO) activities to ensure the organization meets its legal, regulatory, and security obligations. Data Protection & DPO Support Help maintain the Records of Processing Activities (RoPA) as required under GDPR. Support Data Subject Access Requests (DSARs), incident documentation, and breach notification processes. Assist the DPO in reviewing data processing agreements and privacy impact assessments (PIAs). Track and report on data protection training completion rates and privacy KPIs. Audit and Monitoring Coordinate with internal and external auditors during audit cycles. Track audit findings, prepare status reports, and monitor closure of compliance gaps. Support periodic reviews of vendor security and privacy compliance. Documentation and Reporting Maintain accurate records of risk assessments, audits, data privacy documentation, and security-related decisions. Generate dashboards, compliance status reports, and metrics for leadership. Training and Awareness Contribute to the design and rollout of security and privacy awareness programs. Help track and measure the effectiveness of awareness activities across business units. Technical and Functional Skills Familiarity with compliance frameworks and standards (ISO 27001, SOC2, NIST CSF, GDPR). Basic understanding of information security principles, risk concepts, and audit processes. Experience using GRC Risk Management framework (e.g., Excel-based risk register) is a plus. Understanding of privacy concepts such as personal data, consent, DPIA, and DSAR. Communication Skills Good written and verbal communication skills with the ability to document processes and prepare clear reports. Ability to interact professionally with teams across IT, legal, HR, and business functions. Education and Certifications Bachelors degree in Information Security, Computer Science, IT Management, or a related field. Certification or coursework in ISO 27001, SOC2, NIST, GDPR, CIPP/E, or similar areas is a plus. Personal Attributes and Soft Skills Strong attention to detail and documentation skills. Eagerness to learn and grow in the GRC and privacy domains. Organized and reliable, with the ability to manage multiple compliance tasks simultaneously. Ethical and trustworthy in handling confidential information. Additional Information We are an equal opportunity workplace and are an affirmative action employer. We are always committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status and we do not discriminate based on such characteristics, or any other status protected by the laws or regulations in the locations where we work. This job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. EC-Council is committed to working with and providing reasonable accommodation to individuals with disabilities. If you have a medical condition or disability which inhibits your ability to complete any part of the application process and need a reasonable accommodation to complete the process, please contact us ecchr@eccouncil.org and let us know how we may assist you. This notice together with our Privacy Policy and Terms of Use of this website and any other documents we mention here are meant to inform you on what personal data about you we collect, use, disclose, share, or otherwise process when you are applying for a job at EC-Council or when EC-Council contacts you for recruitment purposes. Please read carefully to understand our views and practices on how we protect your personal data - Privacy Policy | EC-Council (eccouncil.org).
