
Senior Privacy Analyst – DPO
BP - A Beneficência Portuguesa de São Paulo
full-time
Location Type: Hybrid
Location: São Paulo • 🇧🇷 Brazil
Job Level: Senior
About the role
- Maintain the compliance strategy and update internal processes in accordance with sector regulations and standards of the National Data Protection Authority (ANPD);
- Respond promptly and with high quality to the institution’s requests across one or more simultaneous projects;
- Stay current with national and international data privacy developments, information technology, project management and process management;
- Ensure privacy and data protection remediation proposals align with market best practices adapted to the institution’s needs and the projects in which they are applied;
- Propose new methodologies, guidelines, policies and operating models that provide agility, simplicity and security in the processing of personal data;
- Keep the institution in compliance with ANPD rules;
- Deliver excellent service in responding to Data Subject requests;
- Manage, investigate, record, contain and report security incidents involving personal data to the Authority;
- Maintain a proactive and highly organized attitude, able to handle a high flow of requests with attention to deadlines and SLAs to provide agile and effective responses;
- Actively participate in the technological and process solutions to align the institution with the Brazilian General Data Protection Law (LGPD - Law No. 13,709/18) and the European General Data Protection Regulation (GDPR);
- Support business areas in their LGPD/GDPR compliance proposals by suggesting process alternatives that enable the business;
- Support the structuring of the privacy and data protection program and monitor remediation activities across multidisciplinary teams;
- Prepare opinions and guidance for implementation of technological and process initiatives, ensuring LGPD/GDPR compliance within a Privacy by Design approach;
- Structure, review and keep the institution’s data inventory up to date;
- Record, investigate and manage crises related to incidents involving personal data;
- Participate in the communication, analysis and response process to data subject petitions/requests;
- Participate in the evaluation of vendors and partners regarding their LGPD/GDPR compliance;
- Perform risk assessments on implemented or in-development processes, preparing and recording DPIA/PIA/RIPDP documentation;
- Create and manage governance and privacy indicators for risk management, data subject handling and privacy incident management for management reporting;
- Conduct training and awareness programs related to privacy and data protection based on LGPD/GDPR concepts;
- Monitor the legislative landscape on privacy and data protection and structure remediation projects to eliminate risks;
- Extract and organize data and prepare reports;
- Ensure correct application of risk mitigation processes related to data protection and privacy;
- Ensure internal processes are optimized and controlled with productivity and reuse indicators;
- Understand data protection aspects and impacts in the hospital environment, supporting minimization actions and process improvements to achieve process compliance;
- Support emergency situations by preparing for and/or participating in drills related to environmental emergency response plans.
Requirements
- Bachelor’s degree in Law, Legal Services or related fields;
- Knowledge in Privacy and Data Protection;
- Knowledge of Digital Law;
- Certifications related to LGPD/GDPR;
- Proficient with Microsoft Office (Excel, PowerPoint, Word);
- Experience with OneTrust;
- Proficiency in English;
- Experience in LGPD/GDPR remediation projects in mid- to large-sized companies;
- Mandatory certification in LGPD/GDPR or specialization in these topics;
- Strong knowledge of data processing routines and process mapping;
- Strong knowledge of databases, systems architecture and data administration;
- Knowledge of information security;
- Experience developing and implementing corporate policies, standards and procedures;
- Experience in contract analysis (including international contracts).
Benefits
- Transportation allowance
- Meal allowance
- On-site cafeteria
- Medical assistance / Health insurance
- Dental assistance / Dental insurance
- Childcare assistance
- Total Pass: a benefits platform that provides access to gyms and studios for employees and dependents.
- Viva 365: programs and activities across five health dimensions — emotional, intellectual, physical, social and financial.
- Women’s health programs (pregnancy follow-up and family planning), ergonomics and workplace exercise initiatives, partnership with SESC – Well-Being programming, employee space, running and walking events.
- PAP (Personal Support Program) – a communication channel staffed by a broad team of specialists (psychologists, social workers, lawyers, educators, nutritionists, physiotherapists, physical educators, financial consultants and pet consultants).
- Employee Health Center – telemedicine, urgent care and exclusive appointment scheduling for employees with general practitioners, psychologists, physiotherapists and acupuncture services within BP.
- Healthcare professional day: May 12 is considered a holiday for the category; employees who work on this date are entitled to compensation according to criteria defined in the Collective Bargaining Agreement.
- Discounts and partnerships: partnerships with establishments across various segments offering discounts; see the updated list on Workplace, our internal communication channel.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
data protection, privacy compliance, risk assessment, process mapping, data processing routines, incident management, DPIA documentation, LGPD compliance, GDPR compliance, contract analysis
Soft skills
organizational skills, attention to detail, communication skills, proactive attitude, ability to handle multiple projects, team collaboration, problem-solving, training and awareness, agility, customer service
Certifications
LGPD certification, GDPR certification, specialization in data protection, certification in digital law, legal services certification, information security certification, privacy by design certification, data privacy certification, risk management certification, compliance certification