Cookies sur le site KBL

Afin d’améliorer notre site Internet, nous utilisons les cookies Google Analytics. Ces fragments de données placés sur votre navigateur nous montrent certaines de vos activités sur notre site (comme les pages que vous avez consultées, etc.) et nous permettent d"évaluer l"audience du site. Pour de plus amples informations, consultez notre Politique de protection des données du site Internet.

Data Protection Risk Manager - CDD 24 mois (M/F)

KBL European Private Banker, Luxembourg


The role of Group Data Protection Risk Manager is :

  • To ensure the harmonization of data protection methodology and tools within the Group
  • To implement and administrate the centralized Group Data Protection compliance IT platform :
    • To ensure the decentralization of documented controls and assessment at 1st line of defense level by each business lines and affiliates
    • To ensure the implementation of validation process, inter-relations between 1st line of defense /2nd line of defense and audit trails
  • To assess data protection risk through the review and performance of data protection impact assessment (“DPIA”) for new processing and more exposed existing processes
  • To ensure the follow up of non-compliance and risk exposure reporting to Group Data Protection Officer for escalation to relevant Data Protection and Board committees


As the project manager of new IT platform implementation :

  • Parameterize and maintain a new centralized Group Data protection compliance IT platform
  • Drive the integration of Group Data Protection methodology and essential elements of GDPR (such as data protection impact assessment, data protection by design/by default, record of processing activities, third party due diligence) into the new centralized Group Data protection compliance IT platform
  • Coordinate the integration of all the affiliates into the new IT platform
  • Be the contact point with the IT provider of the new platform

As the Risk manager expert :

  • Ensure the ongoing maintenance of the KBL Luxembourg register of data processing, assess their processing lawfulness and consent conditions
  • Monitor the performance of data protection impact assessment ("DPIA") , and data protection by design/by default application at earliest stage of any new project
  • Be the secretary of the Group Data Protection operational committees with all affiliate representatives and specialists


  • University degree in Information Technology, Information Security, Economics, Business Administration, Law

  • Experience in one or (preferably) several of the following areas: compliance, risk management, audit, business process, information security

  • Expertise in national and European data protection practices including an in-depth understanding of the GDPR

  • Familiar with risk control frameworks is preferred (e.g. such as CDPO, COBiT, ISO 27001, ITIL, and ISO 27005/31000)


  • Ability to learn quickly and acquire expertise needed

  • Ability to parametrize a new IT tool and discuss with IT provider

  • Some experience in one or (preferably) several of the following areas: IT, compliance, risk management, audit, business process, information security

  • Knowledge of banking activities and services.

  • Strong communication skills, ability to bridge the gap between technical and business languages


  • Fluent in French and English


To apply for this position, please send your CV and cover letter, in English, to: