About the Role - The Privacy Officer ensures the protection of personal data and compliance with privacy regulations. This role is crucial for harmonizing data processing activities (as defined in Art. 4 of the GDPR) and sensitive data within the company's core business and information governance, integrating technological, organizational, and legal skills. The Privacy Officer supports business processes with a cross-functional approach, observing, evaluating, and organizing data processing management to ensure legal complianceResponsibilities -Maintain and document a comprehensive and compliant Data Privacy Model, periodically revise, coordinating with the Risk & Compliance Manager, the internal procedures and responsibilities to address changes in laws, regulations and company policiesSupervise the updating of the Records of Processing Activities (RoPA) to ensure all processing and/or databases, tolls, data processors and other information are recorded, monitoring and assisting the business owners in the updating of the RoPAAnalyze the role of third parties in personal data processing activities, draft and update data protection clauses in contracts with third parties to ensure all privacy concerns, requirements and responsibilities are addressedWork with the business teams to ensure the company has and maintains appropriate privacy consents, authorizations, forms, Privacy Policy and Privacy NoticesConduct, together with the Data Protection Team proper evaluation in case of data breachesCoordinate with business teams to ensure existing and new services comply with privacy and data security obligationsAssist and support the business teams to actually put in place the “Privacy by Design” and “Privacy By Default” approach in developing project either ICT or business orientedAssist and support business teams in conducting impact assessments (DPIAs) and oversee risk analysis and mitigation activitiesEnsure that access procedures meet security requirements, including two-factor authentication, and that the Principle of Least Privilege (PoLP) is appliedSupport the different Departments in the evaluation of software and/or applications and assessment of data processors to ensure compliance with the privacy and data security policies and legal requirementsMaintain an active communication channel with the DPO, ensuring that any recommendations are implementedVerify proper classification of data and manage destruction and storage procedures according to company policiesOversee and ensure delivery of privacy training and orientation to all internal staff and their updating on the latest privacy regulations, privacy policies and any Data Privacy Model updatesRegularly monitor the communication channels defined and communicated by the company for the exercise of the data subject’s rights to ensure proactive response and compliance with the deadlines provided by GDPROn-going monitoring and updating on the regulatory framework with reference to any legislation that may impact and/or have intersections with privacy and the processing of personal data Qualifications - Master’s Degree in Law (as privileged title) or Management Engineering with in-depth knowledge and proven experience in data management and privacy compliance or Master's degree in Computer Science, Computer Engineering or related technical disciplines Data Privacy related.Technical Skills -In-depth knowledge of GDPR and applicable local and international data protection laws, as well as guidelines and/or orders issued by the Data Protection Authority and the European Data Protection Board and general knowledge of all those regulations that may have any interactions with privacy and personal data (e.g. Whistleblowing, Cybersecurity, Online Payments, E-Privacy, AI Act, Data Act, etc..) Practical skills in conducting Data Protection Impact Assessment (DPIA) to assess and manage privacy risks in high-risk processingFamiliarity with Identity and Access Management (IAM) systems and technical measures for data protectionFamiliarity with Data Privacy management toolsCertification in privacy management or compliance, such as CIPP or CIPM, is preferredWorking knowledge of computer security, including encryption, pseudonymization and MultiFactor Authentication (MFA) techniquesSoft Skills-Details oriented attitudeProfessional ethics approachRisk management ability and strategic visionAbility to explain complex privacy and data protection concepts in a clear and understandable way to different audiences, from technicians to managementAll qualified candidates will be considered for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or any other characteristic. Ready to drive change and innovation?Apply now and join Juventus!We will be in contact with candidates whose qualifications closely align with our requirements.