Senior Data Protection Specialist

About The Position

Requirements

• You are a proactive, pragmatic data protection specialist who thrives in a fast‑moving, international environment.
• You communicate clearly with technical and non‑technical stakeholders, influence decision‑making, and translate regulatory requirements into practical, risk-based controls.
• Detail‑oriented yet outcome-focused, you operate confidently in the first line of defence, contribute in committees, and collaborate effectively across time zones, building trust with colleagues in HQ and India.
• Significant experience (ideally 7+ years) in privacy/data protection in financial services or other regulated organisations. Further;
• Deep knowledge of GDPR, DORA and the Danish Data Protection Act; familiarity with ePrivacy and UK GDPR is beneficial.
• Demonstrable experience with RoPA, DPIA, LIA and TIA at scale; privacy by design/default and data lifecycle management.
• Strong analytical, writing and presentation skills.
• Understanding of operational resilience, incident/breach response and third-party risk data protection; experience with SCCs and cross-border transfers.
• Fluent in English; Danish is an advantage.

Nice To Haves

• Certifications such as CIPP/E, CIPM, CIPT or ISO/IEC 27701 are a plus.

Responsibilities

• Maintain and improve the Record of Processing Activities (RoPA), ensuring completeness, accuracy and timely updates across business journeys.
• Lead and advise on DPIAs, LIAs and TIAs, assessing risks, defining treatments and tracking remediation to closure.
• Embed privacy by design/default in change and product lifecycles, including minimisation, retention/deletion, pseudonymisation and secure data flows.
• Develop and deliver data protection training and awareness; measure effectiveness and report progress to committees and management.
• Support cross‑border data transfers and vendor due diligence (DPAs, SCCs), aligning data protection controls with DORA, operational resilience and third‑party risk processes.
• Prepare materials for and participate in Data Governance and Protection Committees; provide clear status reporting, metrics and insights on the operational effectiveness of implemented data protection controls; support audits and incident/breach readiness.