Personal Data Management and Information Security Officer

Join to apply for the Personal Data Management and Information Security Officer role at EBRD

1 day ago Be among the first 25 applicants

Join to apply for the Personal Data Management and Information Security Officer role at EBRD

The European Bank for Reconstruction and Development (EBRD) is seeking a Personal Data Management and Information Security Officer to support the Head of Information Security in managing the Bank’s information security and personal data protection landscape.

You will play a dual role—leading on the Bank’s Personal Data Protection efforts and supporting the InfoSec agenda. Your work will ensure that the Bank maintains high standards of security, privacy, and compliance, contributing to our mission of promoting sustainable development across our regions of operation.

Job description:

About the Role

The European Bank for Reconstruction and Development (EBRD) is seeking a Personal Data Management and Information Security Officer to support the Head of Information Security in managing the Bank’s information security and personal data protection landscape.

You will play a dual role—leading on the Bank’s Personal Data Protection efforts and supporting the InfoSec agenda. Your work will ensure that the Bank maintains high standards of security, privacy, and compliance, contributing to our mission of promoting sustainable development across our regions of operation.

Operational Risk Management (ORM) is part of the Bank’s Risk Management group and forms the second line of defence. ORM is responsible for independently identifying, assessing, and supporting the mitigation of key operational risks, including those related to information security and personal data protection. ORM works in close collaboration with the IT Department and business units across the Bank.

You will act as the Bank’s:

• Primary Personal Data Protection Officer (PDPO) and contact point.

• Key advisor on privacy and information security risks.

• Manager of critical programmes, including the Bank’s InfoSec and Personal Data Protection Frameworks and Training & Awareness initiatives.

• Coordinator for internal/external reviews related to InfoSec and privacy compliance.

You will work closely with IT and business functions to identify risks, manage incidents, and advise on good practices aligned with ISO 27001 and/or NIST.

• Develop, review, and updatethe Bank’s Information Security and Personal Data Protection (PDP) Frameworks (policies, directives, guidance, and procedures).

• Manage and implementinternal training for staff and Bank users, including writing training materials and managing the Bank’s eLearning platform.

• Conduct compliance assessmentsto evaluate adherence to InfoSec and privacy policies and procedures.

• Advisethe Bank and data subjects on implementing, applying, and complying with the PDP Framework.

• Provide support on incident remediation, especially in cases involving personal data breaches.

• Respond to data subject requestsand support the Personal Data Review Panel on personal data-related complaints.

• Advise on IT and business projectswith respect to InfoSec and privacy risks.

• Maintain risk registers, provide ongoing risk analysis, and contribute to risk mitigation plans.

• Support completion and reviewof Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).

• Manage BAU activities, including:

  • Social engineering exercises.

  • Supplier assurance assessments.

  • Risk assessments for business processes and technologies.

• Research emerging threatsand evaluate applicability to the Bank’s operations.

• Monitor changes in regulations and best practices, document and propose updates, agree on changes with the Head of Information Security, and implement project plans.

• Work extensively with IT, particularly the IT Security team, to address technical security and risk issues with a sound understanding of underlying technologies.

• Education: Bachelor’s or Master’s degree, ideally in IT, Security, Risk Management, or a related field (other fields will also be considered).

• Certifications:

  • At least one recognised information security qualification (e.g., CISM, CISA, CISSM, ISO 27001 Lead Auditor/Implementer).

  • At least one data protection certification (e.g., EU-GDPR-P, CIPP/E).

• Technical and Professional Skills:

  • Excellent written and verbal communication and presentation skills in English.

  • Ability to present technical information in business and risk language.

  • Strong project management and problem-solving skills.

  • High attention to detail and accuracy.

  • Ability to work independently and handle multiple priorities.

  • Strong relationship management and influencing skills across all levels.

• Expertise in:

  • Information security tools and practices (e.g., mobile device security, information classification).

  • Supplier assurance, social engineering testing, and security awareness training.

  • Privacy principles, including Privacy by Design, DPIAs, handling data subject requests, and investigating personal data breaches.

We believe that hard work deserves great rewards. We offer competitive base salaries and annual performance-based bonuses. Permanent staff can enjoy addition benefits such as medical insurance, generous and flexible annual leave options, retirement benefits, reduced gym membership rates and staff discounts at a wide array of retailers.

We recognise the challenges of working far from home, so if you move from another country to take up a post with us, we’ll help by providing ongoing assistance and relocation allowance.

• Contribute to sustainable impact in 30+ countries.

• Be part of a values-driven institution that fosters transparency, innovation, and inclusion.

• Collaborate with experienced professionals in a dynamic and supportive environment.

• Access development opportunities and an attractive compensation package.

What is it like to work at the EBRD?

Our agile and innovative approach is what makes life at the EBRD a unique experience! You will be part of a pioneering and diverse international organisation, and use your talents to make a real difference to people's lives and help shape the future of the regions we invest in.

The EBRD environment provides you with:

• Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in;
• A working culture that embraces inclusion and celebrates diversity;
• An environment that places sustainability, equality and digital transformation at the heart of what we do.

Diversity is one of the Bank’s core values which are at the heart of everything it does. A diverse workforce with the right knowledge and skills enables connection with our clients, brings pioneering ideas, energy and innovation. The EBRD staff is characterised by its rich diversity of nationalities, cultures and opinions and we aim to sustain and build on this strength. As such, the EBRD seeks to ensure that everyone is treated with respect and given equal opportunities and works in an inclusive environment. The EBRD encourages all qualified candidates who are nationals of the EBRD member countries to apply regardless of their racial, ethnic, religious and cultural background, gender, sexual orientation or disabilities. As an inclusive employer, we promote flexible working and expecting our employee to attend the office 50% of their working time.

Please note, that due to the high volume of applications received, we regret to inform you that we are unable to provide detailed feedback to candidates who have not been shortlisted (for further consideration).

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Finance, Legal, and Other
• Industries
  Banking and Financial Services

Referrals increase your chances of interviewing at EBRD by 2x

Get notified about new Information Security Officer jobs in London, England, United Kingdom.

London, England, United Kingdom 1 month ago

London, England, United Kingdom 2 weeks ago

London, England, United Kingdom 1 week ago

London, England, United Kingdom 20 hours ago

London, England, United Kingdom 1 month ago

London, England, United Kingdom 2 weeks ago

London, England, United Kingdom 1 month ago

London, England, United Kingdom 4 hours ago

Redhill, England, United Kingdom 1 day ago

London, England, United Kingdom 1 day ago

London, England, United Kingdom 1 week ago

London Area, United Kingdom £65,000.00-£75,000.00 5 hours ago

London, England, United Kingdom 1 day ago

Greater London, England, United Kingdom 4 days ago

London, England, United Kingdom 3 weeks ago

London, England, United Kingdom 2 weeks ago

London, England, United Kingdom 3 weeks ago

London, England, United Kingdom 1 hour ago

London, England, United Kingdom 1 week ago

London, England, United Kingdom 1 hour ago

London, England, United Kingdom 3 weeks ago

London, England, United Kingdom 5 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.