Ericsson Group Function Legal Affairs & Compliance includes a Group Privacy Office at Ericsson HQ in Stockholm, headed by the Group Data Protection Officer.
The Group Data Protection Officer (GDPO) is the Senior Advisor to Ericsson on Privacy and is responsible for the organization’s privacy compliance activities.
The Group Privacy Office develops and maintains Ericsson’s Privacy compliance program. The Office also support compliance teams in the Market Areas or operational units, which are responsible for supporting and monitoring the execution of the Privacy compliance program in all operating units and legal entities within the countries of responsibility.
Our aim is always to be the best in-house legal and compliance team possible!
Do you want to help us advance and be a part of a unique unit that supports Ericsson globally in privacy compliance challenges? This is the role for you!
- The Privacy Compliance Officer provides leadership and guidance operationalizing the global privacy program working in alignment with the Compliance officers, privacy officers and other stakeholders in Ericsson.
- Under the direction of the GDPO, this position oversees the global privacy program’s ongoing activities.
- The Privacy Compliance Officer will design, develop, implement, administer and monitor the global privacy program, aligned with other compliance program activities.
- This includes accountability for serving as a subject matter expert on highly complex privacy issues, and for translating relevant regulations, and industry privacy standards into policy, guidance, tools, best practices, and metrics, resulting in a global-wide privacy compliance program.
- Documents and implements a privacy compliance risk management process.
- Participate in the enhancement of and then oversee a breach response and notification program.
- Create internal audit and monitoring program aligned with internal stakeholders to ensure compliance with internal policies, contractual requirements and regulatory mandates.
- Establishes and administers a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning privacy policies and procedures.
- Cooperates with the stakeholders, authorities, other legal entities, and organizational executive officers in any privacy compliance reviews or investigations.
- Lead in developing a culture of privacy compliance, setting an example for transparency and promoting an environment where speaking up in a professional manner is encouraged.
- Provide regular updates to management teams, the compliance organization and others, as needed, regarding implementation of the privacy compliance program, including relevant Key Performance Indicators (KPIs) in areas of responsibility.
- Maintain a sound understanding of the business activities and applicable laws and regulations.
- Establishes strategic goals for the privacy compliance program by gathering pertinent business and compliance information and evaluating outcomes.
- Identify privacy compliance priorities; plan and prioritize activities based on risk on a prescribed cycle (e.g., development of annual privacy compliance plan).
- Alongside colleagues working in other privacy functions, perform privacy compliance risk assessments, reviews and monitoring.
- Conduct and ensure appropriate monitoring of compliance training and awareness programs.
- Review commercial projects to identify and mitigate privacy compliance risks presented.
- Ensure effective implementation of Third-Party Due Diligence (TPDD) process and train functions involved in the process.
- Maintain documentation of compliant, timely and practical advice.
- Work with local head(s) of legal and other stakeholders to ensure that interactions with local authorities and regulators are coordinated; implement processes to identify and manage regulatory requests and deadlines.
- Assist with or conduct privacy compliance-related merger and acquisition (M&A) due diligences and execute integration activities, as needed.
- The Privacy Compliance Officer reports in the line organization to the Group Data Protection Officer.
Profile and competence requirements
- High level of integrity with character consistent with Ericsson values of respect, professionalism and perseverance; must be empathetic and willing to listen.
- Excellent communication, interpersonal, leadership, coaching, and conflict resolution skills.
- Master of Law, Business, Accounting or other university degree suitable for privacy compliance.
- Certification by IAPP (International Association of Privacy Professionals) such as CIPM, CIPP/E, CIPP/US, CIPP/A or equivalent highly recommended.
- Experience as Data Protection Officer is an advantage.
- Fluent in English, second language desirable.
- Working experience 5 years in privacy compliance, legal or other relevant field (finance, audit).
- Good business knowledge/understanding.
- Excellent networking ability and social skills including the ability to handle executive level internal and external contacts, including Government authorities and regulators.
- International experience and cultural awareness.
- Independent, goal-oriented and systematic way of working.
- Willingness to travel up to 20%.
How to Apply?
Interested in joining our #TeamEricsson? Feel free to apply and include resume in English, outlining how you meet the specific requirements of the position.
The selection and interview process are ongoing. Therefore, send in your application in English as soon as possible, by February 29th at the latest.
If you have any further questions, you are welcome to contact the recruiter: Rebecka Gustafsson (firstname.lastname@example.org).
Please note that we do not accept applications sent via e-mail.
We welcome the opportunity to meet you!
Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.
Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.
Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.
Primary country and city: Sweden (SE) || || Stockholm || SharedServ
Req ID: 339210