Single Resolution Board is hiring a Senior Data Protection Expert

• Type of contract: Temporary agent

• Function group and grade: AD8

• Duration of contract: 3 years (renewable)

• Area: Chair’s Directorate; Data Protection Office

• Place of employment: Brussels, Belgium

• Estimated monthly basic salary: € 8,651.92

• Deadline for applications: 07/01/2026 at 12:00, Brussels time

• Reserve list valid until: 31/12/2026

• Probation period: 9 months

The SRB

The Single Resolution Board (SRB) is the central resolution authority within the Banking Union (BU). Together with the National Resolution Authorities (NRAs) of participating Member States (MS), it forms the Single Resolution Mechanism (SRM). The SRB works closely with the NRAs, the European Commission (EC), the European Central Bank (ECB), the European Banking Authority (EBA) and National Competent Authorities (NCAs). It contributes to safeguarding financial stability.

Its mission is to ensure an orderly resolution of failing banks with minimum impact on the real economy and on public finances of the participating Member States and beyond. Therefore, the SRB is granted with specific tasks and responsibilities to prepare for, and carry out, the resolution of banks that are failing or likely to fail.

The SRB is also responsible for managing the Single Resolution Fund, as established by the SRM Regulation, to ensure that financial funding support is available while a bank is being restructured and/or resolved.

The SRB is a self-financed agency of the European Union.

The job

The SRB is organising a call for expressions of interest with a view to establish a reserve list of Temporary Agents for the position of Senior Data Protection Expert.

Profile

The Senior Data Protection Expert will focus on providing data protection advice and expertise for the tasks assigned to the SRB’s Data Protection Office (DP Office). They will support the DP Office in the implementation of the data protection regime and its application throughout the SRB, provide advice to the SRB management and all SRB units, and advise the data subjects. This includes, for instance, advice on requests by the data subjects, exercising their rights, dealing with data protection parts of complaints or litigation files or advising on overall data protection compliance of the business areas in the agency.

The Senior Data Protection Expert will contribute to the preparation of the Board’s decision-making process (in-person meetings and different written procedures) and relevant follow-up, provide advice on data protection governance matters, design procedures and actively participate in the various work streams where the DP Office is a member. They will cooperate with other members of the organisation to complete tasks, as well as with members of the Board and external stakeholders (European Data Protection Supervisor, Data Protection Officer Interinstitutional Network) to carry out the duties of the DP Office in a consistent and efficient manner.

Depending on organisational needs, the successful candidate may be designated to act as Deputy Data Protection Officer.

Tasks

• Ensure the application of Regulation EU 2018/1725 within the Agency, including recommendations on matters concerning the implementation of the applicable data protection provisions

• Provide advice to SRB services and functions, including senior management, on data protection matters, in particular as regards data protection compliance and data protection impact assessments, governance, ICT and HR matters, strategic and certain crisis management aspects

• Prepare, conduct and follow-up on the DP Office’s standard (annual and mid-year) and ad-hoc reporting to the Board, including review of all documentation to be submitted to the Board

• Stepping in for the DPO in the case of absence or other instances as necessary

• Provide data protection advice on the exercise of data subject rights, handle data subject access requests, data breaches, complaints and preparing for and participating in audits/inspections relating to data protection matters

• Drafting Data Protection opinions on various, general and complex topics of data protection relevance

• Contribute to data protection litigation

• Conducting data protection audits and investigations

• Support, design and review relevant SRB procedures, business processes from a data protection angle including advising the Controller(s) when preparing data protection documentation (e.g. privacy notices, contract provisions, data protection policies, data protection impact assessments, records of processing activities and other required documents)

• Develop templates, training and awareness materials and supporting documents within the scope of the Data Protection Office

• Manage relationships with external parties (lawyers, consultants, complainants or requestors exercising data protection rights,) when appropriate

• Liaise with experts and counterparts in EU Institutions (European Data Protection Supervisor, European Commission, European Parliament, Council, European Central Bank) and other stakeholders, as appropriate

• When requested, participate, support and contribute to various internal or external working groups, steering committees and work-streams

• Carry out any other tasks requested by line management in the interest of the service

Qualifications and Other requirements

Eligibility criteria

Only complete applications registered via EU CV Online and before the deadline for applications as mentioned in this document will be considered. Applications must include a motivation letter and a CV, both submitted in English to be considered; applications received in other languages than English will not be considered eligible.

General conditions

• be nationals of a Member State of the European Union

• enjoy their full rights as citizens

• have fulfilled any obligations imposed by national laws concerning military service

• meet the character requirements for the duties involved

• be physically fit to perform their duties

Education

• a level of education which corresponds to completed university studies of at least three years attested by a diploma in law and appropriate professional experience of at least one year ORa level of education which corresponds to completed university studies of at least four years attested by a diploma in law.

Candidates must indicate in their applications the official graduation dates for all the diplomas they have obtained. Only study titles that have been awarded in EU Member States or that are subject to the equivalence certificates issued by the authorities in the said Member States shall be taken into consideration. In case of qualifications issued by authorities outside EU Member States, the proof of recognition of equivalence by the relevant EU Member State authorities must be specifically mentioned in the online application form under ‘Additional information’.

Experience

• Candidates must have, at the closing date for applications, professional experience of at least nine (9) years (acquired after the education referred to in Section 2.2 Education) in a field relevant to this position.

Language skills

• As the predominant working language of the SRB is English, candidates must have an excellent command of spoken and written English (note: native English speakers will be required to demonstrate the ability to work in a second EU language at interview stage). Candidates must also have a satisfactory knowledge of another official language of the European Union to the extent necessary for the performance of their duties.

Selection criteria

Essential

• Suitability to perform the tasks described in Section 1.1

• After obtaining the qualifications mentioned in ‘Education’ above, candidates must have acquired at least six (6) years of professional experience in the area of data protection and privacy

• Proven experience in data protection and privacy acquired in an EU institution, body or agency, National Data Protection Authority or law firm

• Proven experience, knowledge and understanding of the Data Protection Regulation for EU institutions (EU DPR) the General Data Protection Regulation (GDPR) and their practices

• Proven experience and understanding of risk assessments related to data protection and privacy

• Proven experience in technology/AI matters that may impact on data protection and privacy

• Excellent analytical and problem-solving skills and ability to think creatively in order to find practical solutions to data protection and privacy matters

• Ability to analyse and convey complex legal and data protection concepts in an accessible manner to senior management, SRB staff and other stakeholders

• Strong ability to communicate efficiently and in a professional manner also cross-functionally, considering options in a clear and structured way and proposing implementable recommendations

• Ability to draft and deliver high quality documents

• A strong focus on meeting deadlines and reporting to management

• Self-starting and self-motivated, able to adapt easily to changing priorities and challenging deadlines

• Ability to collaborate efficiently with multi-disciplinary teams in a diverse, multi-cultural environment

Advantageous

• Relevant recognised data protection certification

• Experience as appointed DPO or Deputy DPO in an EU institution, body and/or agency, National Authority and/or the private sector

• Proven experience in providing data protection advice related to information technologies, including ICT security and ICT operations

• Proven experience in providing data protection advice related to AI matters

The selection process

Details for the selection process, assessment, invitation, documentation, reserve list, appointment, and appeals are included fully in the original vacancy notice. Please consult https://www.srb.europa.eu for more information or refer to the vacancy details above.

How to apply

Candidates must apply through the EU CV Online system via this link: https://ec.europa.eu/dgs/personnel_administration/open_applications/CV_Cand/index.cfm?fuseaction=premierAcces&langue=EN