Job Description Are You Ready to Make It Happen at Mondelu0113z International? Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours. The key purpose of the role of legal counsel and German Data Protection Officer (u201cDPOu201d) is to provide legal counseling and advice on data privacy, data privacy aspects of cybersecurity, and data protection laws covering Germany, and the broader European Union. The legal counsel/DPO has the position of a DPO as defined in Art. 38 et seqq. GDPR and will monitor local compliance and data practices internally to ensure the business and its functions comply with the applicable privacy requirements in Germany and work on broader EU data privacy, cybersecurity, and data protection matters. The legal counsel/DPO acts will be responsible for and or assist with EU data protection impact and transfer assessments, government privacy filings, data privacy aspects of cybersecurity regulations and notification requirements, internal audits, and any other requirements mandated by local privacy law. The legal counsel/DPO will also serve as the primary contact for the local German Data Privacy Supervisory Authority and individuals whose data is processed by the local entity. Essential Duties and Responsibilities Reporting to the Chief Counsel, Global Compliance and Chief Privacy Counsel, you will work closely with the Compliance, Legal, People Team, and Mondelez Digital Services (u201cMDSu201d) functions to develop and monitor policies and standards applicable to the business and in compliance with the local regulation. Duties will include: Implementing measures and a privacy governance framework to manage and protect personal information in compliance with local regulations, including developing templates for data collection, assisting with data mapping, and conducting vendor management reviews, as well as the implementation of data privacy audits. Working with key internal stakeholders to review projects and related data to ensure compliance with applicable data privacy and cybersecurity laws, and where necessary, complete and advise on privacy impact and cross-border data transfer assessments. Serving as the primary point of contact, responsible person, and liaison for the German Supervisory Authority on all data protection-related matters that are required under the local data protection laws of that country, including being responsible for managing and coordinating regulatory filings, data incident responses, complaints, data subject access requests, privacy compliance reviews and cooperate with local data protection authority on issues relating to processing. Serving as the primary point of contact for privacy queries in the local business unit, inform and advise the Chief Counsel as well as employees of their obligations under data protection law, and working alongside local legal counsel on the execution and drafting of any required documentation. Review contracts and consents to implement projects in partnership with Procurement, local Legal, Marketing and MDS and ensure filing requirements with local regulators are achieved. Monitoring changes to EU local privacy, cybersecurity, and data protection laws and making recommendations to the Chief Counsel, Global Compliance & Chief Privacy Counsel, and the Global Data Privacy Community of Practice legal group. Working with the Chief Counsel, Global Compliance & Chief Privacy Counsel, and BU Counsel to understand localization requirements, set local standards, review local policies and procedures, and meet local regulatory requirements. Developing and delivering privacy training to various local business functions. Developing strategies and initiatives to ensure engagement with key internal and external stakeholders. Collaborating with the MDS to raise employee awareness of data privacy and cybersecurity security issues and providing training on the subject matter. Collaborating with MDS to maintain records of all data assets, maintain a data security incident management plan to ensure timely remediation of incidents, including impact assessments, security breach response, complaints, claims or notifications, and responding to subject access requests. Comprehensively coordinate and implement personal information security within the local EU business units and take direct responsibility for personal information security. Establish, maintain and update the list of personal data and information held by the local organization (including the type, quantity, source and recipient of personal information, etc.) and authorized access strategies. Provide advice where a DPIA has been carried out and monitor its performance. What you will bring Law degree and registered attorney u2013 Preferably German. Certifications (e.g. CIPP/E, CIPM) are a plus. Minimum six (6) years of data privacy experience required. Experience in EU and German data privacy, cybersecurity and data protection laws, and ideally practical experience dealing with local privacy authorities, local data privacy office filings, and regulatory issues. At least three (3) yearsu2019 experience within a compliance, legal, audit, privacy, and/or risk function, with recent experience in privacy compliance. Strong knowledge of EU and German data privacy, cybersecurity and data protection regulation, and familiarity with local regulatory filing requirements in market. Must be fluent (both written and spoken) in English and German (C2). Sufficient knowledge of information technology and data management systems required; Affinity for understanding various IT solutions and their data protection implications in an international company structure. Well-developed and professional interpersonal skills; ability to interact effectively with people at all organizational levels within Mondelez. Excellent writing and presentation skills. Strong change, project management and leadership skills, including managing time well, prioritizing effectively, and handling multiple deadlines. A detail-oriented approach is needed to recommend and implement strategic improvements on a range of data privacy, cybersecurity and data protection issues. Ability to handle confidential and sensitive information with the appropriate discretion. KPI Targets/ Dimensions Data Privacy guidance in case of data breaches and compliance with potential notification requirements. Data Privacy counseling and check of Data Protection Impact Assessments (DPIAs) provided by the various functions (e.g. IT, Sales, Marketing, Procurement) Support GDPR audits (internal/ external) Regulatory inquiry resolutions Training on data privacy laws to various stakeholder (e.g. IT, Sales, Marketing, Procurement) Review of data privacy policies and regular updates Third-party compliance checks for GDPR compliance. Relocation Support Available? No Relocation support available, however for candidates voluntarily moving internationally some minimal support is offered through our Volunteer International Transfer Policy Business Unit Summary We value our talented employees, and whenever possible strive to help one of our associates grow professionally before recruiting new talent to our open positions. If you think the open position you see is right for you, we encourage you to apply _Our people make all the difference in our succes_ Mondelu0113z International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. Excited to grow your career? We value our talented employees, and whenever possible strive to help one of our associates grow professionally before recruiting new talent to our open positions. If you think the open position you see is right for you, we encourage you to apply IF YOU REQUIRE SUPPORT TO COMPLETE YOUR APPLICATION OR DURING THE INTERVIEW PROCESS, PLEASE CONTACT THE RECRUITER Job Type Regular Finance Planning & Performance Management Finance At Mondelu0113z International, our purpose is to empower people to snack right through offering the right snack, for the right moment, made the right way. That means delivering a broader range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about. We have a rich portfolio of strong brands u2013 both global and local. Including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the number 1 position globally in biscuits, chocolate and candy as well as the No. 2 position in gum Our 80,000 Makers and Bakers are located in our operations in more than 80 countries and are working to sell our products in over 150 countries around the world. They are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen, and happen fast. Join us and Make It An Opportunity Mondelez Global LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact 847-943-5460 for assistance.