Data Risk Lead

We are looking for Data Risk Lead to ensure data security, privacy, and regulatory compliance by implementing governance structures, leading risk mitigation strategies, managing incidents, and operationalizing data risk frameworks across the data lifecycle. This role acts as a key liaison between local business units, the Data Risk & Security team, and regulatory authorities, fostering a strong culture of data protection and risk awareness.

• Contextualize and operationalize the global Data Risk strategy within the local/regional context.
• Govern the Data Risk framework across the data lifecycle, ensuring alignment with Schneider Electric policies and regulatory requirements.
• Establish data privacy governance structures (e.g., steering committees, reporting mechanisms).
• Build and execute a Data Risk Assurance Action Plan using global frameworks and tools.
• Report compliance progress using KPIs, KRIs, maturity matrices, and other indicators to executives.

• Ensure compliance with national data privacy laws and internal policies.
• Advise stakeholders (Data Office, Country President, employees) on data protection obligations.
• Provide guidance on personal data protection strategies and responsibilities.
• Ensure privacy clauses are included in supplier contracts.
• Drive certification of all digital assets within the instance.

• Act as the primary contact for local data protection authorities, supported by Legal and Group DPO.
• Serve as a point of contact for data subjects (employees, customers) regarding privacy queries and claims.

• Anticipate, identify, prioritize, and mitigate data risks.
• Design and implement data risk policies and mitigation frameworks.
• Ensure compliance with data controls and regulatory requirements.
• Lead data incident analysis and mitigation.
• Liaise with the Data Risk & Security team on assurance and risk management.

• Support investigation and assessment of personal data incidents.
• Recommend and assist in preparing notifications to authorities, data subjects, or customers when required.

• Monitor overall progress of data risk initiatives.
• Program manage risk mitigation and control implementation within the Data Office.
• Ensure data-related processes, systems, and assets are secure and protected from threats.
• Develop and maintain a data processing register.

• Implement training programs to promote data risk awareness and compliance.
• Promote a data protection culture through communication and engagement.
• Act as an ambassador for Schneider Electric’s data protection policies and procedures.

• Strong knowledge of data privacy regulations and risk management frameworks.
• Expertise in data governance, security controls, and compliance processes.
• Ability to lead cross-functional initiatives and manage complex programs.
• Excellent communication and stakeholder management skills.
• Analytical mindset with strong problem-solving capabilities.
• Familiarity with regulatory liaison and incident management processes.
• Willingness to develop own competencies and ability to adapt to a rapidly changing position.

• Internal: Data Office, Country President, Legal, IT Security, Business Functions.
• External: Data Protection Authorities, Regulatory Bodies, External Auditors.

• Bachelor’s degree in Law, IT Security, Data Management, or related field.
• Professional certifications in data privacy or security (e.g., CIPP, CIPM, ISO 27001) preferred.
• Proven experience in data risk management, compliance, and governance.

Looking to make an IMPACT with your career? When you are thinking about joining a new team, culture matters. At Schneider Electric, our values and behaviors are the foundation for creating a great culture to support business success. We believe that our IMPACT values – Inclusion, Mastery, Purpose, Action, Curiosity, Teamwork – starts with us.

IMPACT is also your invitation to join Schneider Electric where you can contribute to turning sustainability ambition into actions, no matter what role you play. It is a…