Data Protection Managers; m​/f​/d

Stellenbezeichnung: Data Protection Managers (m/f/d)
Job posting no.  The GWDG is seeking two Data Protection Managers (m/f/d) to join an interdisciplinary team of HPC experts in the working group “Computing” (AG

C) with a regular working week of 20 hours (50%). The positions can be transformed to a full-time position through responsibilities in other areas. Remuneration is in accordance with the collective agreement for the German public service (federal government); depending on qualifications, the position will be grade E 13. The position is suitable for part-time work and initially limited till 31.05.2028.

The GWDG strives for long-term cooperation. The Gesellschaft für wissenschaftliche Datenverarbeitung mbH Göttingen (GWDG) is the university computing center for the Georg-August-Universität Göttingen and a computing and IT competence center for the Max Planck Society. The provision of high-performance HPC systems has been one of its tasks for over 40 years. In 2020, the University of Göttingen / GWDG was accepted as one of eight computing centers in the National High-Performance Computing (NHR) network.

The GWDG operates the HLRN-IV system “Emmy”, one of the most powerful computers in the world. As a national supercomputing center, the GWDG offers technical support to researchers and students from various science domains using sophisticated computer codes, including earth system science, life science, and engineering. We also participate in both national and international research projects. At the same time, we aim to improve our close collaboration with The German Aerospace Center (DLR), and specialized computing centers including the German Climate Computing Center (DKRZ) and the Institute for Advanced Simulation Jülich (IAS-JSC).

As part of our AI Service Center for Sensitive and Critical Infrastructure (KISSKI) we have created a number of AI-based services that offer high levels of security and privacy due to being processed on our own hardware. Moreover, as part of KISSKI, the EU AI Factory Hammer

HAI, and the Quantum Computing Service Center QUICS, we collaborate with a number of customers including universities, public institutions and companies. The GWDG together with the Faculty of Mathematics and Computer Science and the Campus Institute Data Science (CIDAS) of the University of Göttingen provides a stimulating research environment in Scientific Computing, with an opportunity to conduct research in the intersection of applied computer science, High-Performance Computing, AI, and Machine Learning.

Responsibilities We have a wide range of potential responsibilities that we would like to discuss with you. Your responsibilities in our team could include, for example:
Manage a data protection management system (DSMS), including guidelines, processes and KPIs Maintain a record of processing activities (RoPA); carry out data protection impact assessments (DPIA/DSFA) and legitimate interest assessments Coordinate technical and organisational measures (TOM) in accordance with Art. 32 GDPR with IT/Info Sec and review them regularly Manage data protection breaches (reporting, forensics, lessons learned) and process data subject rights (information, deletion, etc.)

in a process-secure manner Contract management in the context of order processing (AVV), including standard contractual clauses, third-country transfers, TOM reviews and supplier audits Training, awareness campaigns and consulting for specialist departments; sparring for product development (‘privacy by design/default’) Planning and implementing internal audits/gap analyses; tracking measures and reporting to management Monitoring legal/regulatory developments (GDPR/BDSG, TTDSG/ePrivacy, Schrems II, supervisory authority guidelines) Close cooperation with information security, legal/compliance, IT and, if available, the data protection officer Requirements Completed master degree (e.g. law, business informatics, computer science, business administration with a focus on compliance) or comparable qualification Several years of experience in operational data protection management Very good knowledge of GDPR/BDSG;

understanding of ISO 27001/27701 and ISMS processes Confident in…