|Contractor||London and Remotely||here|
The GDPR Developer will work with an experienced developer on the group’s GDPR remediation project, and will analyse the group’s solution landscapes (systems and business processes) and implement a strategy to integrate data privacy solutions to support GDPR compliance.
- Work with developer to
- Identify and fix vulnerabilities
- Develop a strategy, plan and implement privacy by design, right to be forgotten and DSAR
- Ensure GDPR compliance of systems and owned digital assets
- Support data minimisation, erasure, portability, encryption and integrity
- Document and log developments, processing and activities
- Understand deeply our architecture
- Build 3rd party data processor relationship and manage erasure notifications
- Understand access controls and restrictions
- Support continued encryption efforts for high standard information security
- Implement business-wide pseudonymisation and advocate its use to maintain compliance
- Champion residual data awareness and remediation
- Gain SaaS awareness
- Calm under pressure
- Able to multitask and prioritise workloads
- Programming experience (Node, React and .NET)
- A keen interest in Information Security
- Willingness to learn and develop new skills
- Strong technical interests
- Excellent communication skills with the ability to present, influence and engage
- An interest and understanding of GDPR
- Node, React and .NET
Write a GDPR breach notification letter to one of the EU Regulators (for example the ICO in the UK) with a breach notification for (at least) one of the following scenarios:
- 1024 PhotoBooks and cards sent to the wrong recipient
- Customers’ usernames and passwords available to download in S3 bucket (via exposed API key and Secret)
- HR system exposed sensitive employee data to internal employees
- Non-opted in customers received marketing communications
- … Another scenario that you have personal/professional experience in….
- You have creative license to expand the chosen scenarios
- You can choose an EU Regulator from one of the four companies the Photobox Group operates (UK, France, Spain and Germany)
- It would be very interesting to see the same scenario sent to multiple regulators, where the differences between them would be highlighted
Why else should you be interested?
Quite simply, you don’t like standing still. You are passionate about working on different and ambitious projects from Day 1 - otherwise you’d be bored! You thrive on working with people from different nationalities, different cultures and languages. You want to work within a successful and recognised company, but you also want the freedom to bring forward your own solutions and to make your own impact. You want to work somewhere where people really do know each other by name and where they genuinely want to help and challenge each other to learn, be better and more innovative every day. Most importantly, you want to work in a business where spreading joy is the mission and where we all have fun making it happen.
Photobox Group Security mission and principles
Our mission is to secure the magic moments created by our customers, across all our brands. Our operating principles define what we focus on and how we make decisions. We hold ourselves accountable against these principles.
- We are enablers for the organisation, not blockers
- We drive transparency and accountability in risk management
- We minimise vulnerabilities
- We hack ourselves first
- We educate and empower our internal stakeholders and developers
- We contribute to adding financial value
Why join Photobox Group Security?
PhotoBox Group Security is a trusted, high-energy, empowered, and proactive team. If you are looking for a place to make a difference, learn a lot, be part of a highly productive team, and are able to work collaboratively with all parts of the business, this is the place for you.
We have a great culture, with a very horizontal structure. We expect you to be knowledgeable, trustworthy, empowered, friendly, focused, and responsible.
How to apply
In order to provide a fair and objective recruitment process, before we invite you for face-to-face interviews, we ask you to submit your answers to theoretical and practical challenges. This helps us to identify your suitability and experience level.
Each challenge should take no longer than 10 - 15 minutes to complete, however, in order to highlight your key skills, you may take longer than the suggested time if you wish.
Please see SOME OF THE CHALLENGES we might ask you to do (we customise these based on your experience and CV).