:

Mission & Main Tasks:

You independently and comprehensively advise business units and departments in particular on legal tasks in the area of data protection, security and privacy. The role is broad and, among other things, involves advising the business on various legal risks and obligations arising from PRC data laws and regulations. This requires the ability to both work independently and assess the impact of project initiatives on data subject's privacy and data protection, as well as the impact of PRC laws and regulations on our companies products and services. We are looking for someone with sharp analytical and communication skills, who is diligent, proactive, collaborative, organized and has demonstrated excellent legal and business judgment and strategic thinking.

Job Duties:

• Act as authority within the company to provide technical as well as behavioral instructions and advice on data protection, security and privacy; Support and supervise business in the implementation of data protection-compliant processes as well as in the conduct and coordination of process tests and data protection follow-up assessments.
• Accompany and if required lead cross-functional data related projects as well as introduction of new business models from a data protection point of view.
• Develop strategy, policies, processes and tools related to data protection, implement them, monitor and organize internal and externally supported data protection audits.
• Work closely with the internal responsibles for data/ IT security as well as coordinate and align with the data protection organization of the Volkswagen Group.
• Design and implement data protection training and awareness measures for different target groups within the company and carry them out independently.

Qualifications:

Education:

• Bachelor or Master in Law

Professional skills:

• Comprehensive understanding and in-depth knowledge in the field of PRC data law, in particular Cyber Security Law.
• Working experience for at least 5-8 years as a lawyer in a privacy/data protection role.
• Experience of implementing risk management and control frameworks.
• Experience and ability of working across multiple business lines, functions and territories.

- Experience in project management of multi- functional projects in the area of data protection, privacy, security and its practical application as well as implementation of risk management and control frameworks within a company.

• Ability to assess and evaluate business processes with regard to existing data protection risks, and, on the one hand, analyze complex subject-specific issues in depth, but on the other hand present them in such a way that Non-lawyers would understand.
• Strong understanding of entrepreneurial relationships as well as IT and information security.
• Intercultural, international experience acquired abroad.
• Interested in technical/ digital tasks.

Personal skills:

• Ability to multi-task, work independently and manage multi-functional projects effectively.
• Strong interpersonal and communication skills.Ability to act proactively and independently, communicate professionally at all levels of the hierarchy and always keep track even in complex and time-sensitive situations.
• Ability to make/take calculated decisions and to think forward and act accordingly.
• Ability to promote a strong data protection culture.
• Excellent management skills and the ability to interface easily with staff at all levels as well as third parties.
• Excellent team player.
• Flexibility.

Language skills :

• English skills: business fluent on reading, writing & speaking
• German skills: desirable (but are not a pre-requisite)