ORCID is seeking an experienced and enthusiastic professional for the position of Data Protection Officer. This is a part-time position. If you like the flexibility of a remote organization and the public-service orientation of a non-profit, join us on our mission to connect research and researchers!
Who We Are
ORCID is a mission-driven, member-supported, community-governed non-profit organization. Our vision is a world where all who participate in research, scholarship, and innovation are uniquely identified and connected to their contributions across disciplines, borders, and time. Every one of ORCID’s employees is committed to that vision as well.
We believe in and operate by our three values. ORCID strives to be:
- Inclusive: We make decisions collaboratively, involving our staff, Board, those who support our mission, and the researchers and community that are the purpose of our work. We take a global view.
- Trusted: Privacy and researcher control underscores everything we do.
- Open: Our work is open, transparent, and non-proprietary.
Where We’re Located
As a fully-remote organization serving researchers everywhere, ORCID is able to hire talented individuals all over the globe, and we aim to have our people located in the communities that we serve.
The Role
ORCID is seeking a Data Protection Officer to lead the data protection and privacy activities of the organization, ensuring that all of the personal data we hold is managed to the highest standards and that our work complies with data protection regulations in the jurisdictions where we operate. The Data Protection Officer will uphold and improve our personal data management practices, conduct regular compliance checks, and build staff awareness on privacy best practices. This is a part-time position, with an estimated 20–25 hours per week required. We are seeking an individual preferably based in one of our existing European locations, including Hungary, Lithuania, the Netherlands, Portugal , Spain, and the United Kingdom. Other European locations may also be acceptable, including for example Ireland.
If you are an individual experienced in data protection regulations around the world, with detailed specific knowledge of the EU GDPR, who likes to foster teamwork and genuine collaboration, are assertive and self-motivated, organized, dedicated, and enjoy the mission-driven environment of a fast-paced maturing non-profit organization, this could be the job for you.
The position will be part of our Operations team, reporting to the Director, Finance & Operations. The successful candidate will have excellent communication skills and proven success as a Data Protection Officer at the management level.
Responsibilities
- Provide expert advice to staff on privacy and data protection requirements
- Serve as main point of contact for users, data protection experts at our member organizations and when necessary regulatory authorities on privacy and data protection matters
- Draft new and amend existing internal data protection policies, guidelines, and procedures, in consultation with key stakeholders
- Maintain and update ORCID’s privacy policy and other related documentation
- Devise and deliver regular training across to all staff members who are involved in personal data handling or processing
- Conduct audits to ensure compliance and to address potential issues
- Review vendors for compliance and act as signatory for data processing agreements
- Maintain records of all data processing activities of the company
- Working with the Executive Director, liaise with external legal counsel, the Board Audit and Risk Committee and other experts on data protection matters as necessary
- Act as an independent advisor to the Senior Team and the Board of Directors on data protection matters, helping to develop strategy and providing insights and recommendations.
- Communicate and champion our approach to data protection through occasional participation in external events, presentations and conferences, etc.
Requirements and Qualifications
- Three or more years of experience in data protection compliance or related field
- Expertise in data protection laws and practices, including deep understanding of the GDPR
- Experience in a legal, audit, or risk management role
- Strong project management skills
- Ability to work effectively under pressure and to manage sensitive and confidential information
- Excellent verbal and written communication skills in English, with strong attention to detail
- Ability to travel based upon business needs
- Added preferred skills:
- A professional certification in data protection such as CIPP/E or CIPM
- Familiarity with the research or education sectors
- Proficiency in languages other than English
- Bachelor’s degree (or equivalent) in a relevant field, e.g. law, finance, computer science
To Apply: Please visit Bambooand submit your application, including a resume and cover letter. A written exercise, Zoom interviews and a presentation task will be assigned later in the process to candidates who move forward. ORCID makes every effort to blind submissions and review exercise answers without bias. ORCID encourages applicants who meet some, but not all of the requirements and qualifications, to apply.
Our Culture
ORCID staff are curious and collaborative, and we strive to maintain a culture of learning. We offer programs like individually-focused professional development planning, monthly “Food for Thought” learning sessions on a wide variety of topics, and access to a digital learning platform, Udemy for Business. We are flexible and family-friendly, allowing staff to shift their schedules as needed, flex their time across the calendar month, and take an hour-long paid break each day (not to mention OFF– see the benefits we provide below).
As an organization, we are committed to diversity, equity and inclusion(DEI). We hold bi-annual forums, open to all staff, where our DEI plans and needs are discussed and amplified. As a fully remote organization, we also have an active committee dedicated to making our individual remote experiences as positive and productive as possible. Read more about our culture here.
Although we are geographically diverse, we are a small, cohesive community dedicated to our mission and to each other
As an open organization valuing trust and transparency, we have a privacy policy describing how we handle applicant, employee and contractor data that we invite you to review if interested.
We provide:
A family-friendly, flexible working environment, including:
- Flexible work hours and the ability to work fully from home (when not traveling)
- A committed and awesome team serving a community-driven organization
- Competitive compensation & benefits, plus OFF: an ORCID-wide day off on the first Friday of each month
- A continuous learning environment with opportunities for training & professional development
- Tools to support our virtual office environment, including a budget to choose your preferred laptop and a remote working stipend.
Compensation
ORCID’s compensation strategy considers an applicant’s skills and experience, geographic location, as well as internal equity when assessing salary. Because we are remote and hire all over the globe, our salary ranges will vary by location for any given role. A sample range of compensation for this role is US$80,000 to US$110,000 for a full-time equivalent position (noting that this is again a part-time position).
Job Type: Part-time
Part-time hours: 20-25 per week
Pay: €70,000.00 - €100,000.00 per year
Experience:
- data protection laws and practices: 1 year (required)
- practical, hands-on GDPR: 1 year (required)
Licence/Certification:
- CIPP/E or CIPM? (preferred)
Work Location: Remote
.