A national law enforcement ANPR programme needs a senior expert in data protection to assess the privacy impact of recent architectural and operational changes. The role combines hands-on DPIA work, data mapping and technical advice on IAM and ISO27001-related controls while liaising with multiple suppliers and partner organisations.
The mission
The programme operates an Automatic Number Plate Recognition (ANPR) asset and camera ecosystem that is increasing in scale and complexity, including new camera types and AI-based features. The asset management architecture is changing and the volume and diversity of connected systems is growing, so maintaining a clear view of data flows, threat vectors and compliance with EU and national data protection rules is essential.
You will join a multidisciplinary team of internal and external specialists to map the impact of these changes on personal data processing, update and produce DPIAs, and adapt processing agreements with partners. Typical work includes drafting templates and DPIAs, requesting evidence from suppliers, performing conformity checks when solutions go live, and reporting progress to the programme manager within the project timeline (start in June 2026, about 60 days of part-time input through end 2026).
Your responsibilities
- Identify gaps and improvements in existing DPIAs and processing agreements, prioritising actions that reduce legal and technical risk
- Draft and deliver DPIA templates and complete DPIAs for new or changed processing activities to a quality standard suitable for supervisory review
- Analyse initiatives and recommend whether a new DPIA or an update is required, documenting technical data flows and control objectives
- Coordinate evidence requests to suppliers and partners, and verify implemented measures through targeted checks when systems are deployed
- Prepare clear responses for supervisory authorities and produce progress reports for the programme manager
- Develop and maintain quality assurance plans and a delivery schedule for required documentation across stakeholders
Your profile
Essential skills
- Minimum 10 years of hands-on experience in data protection within an IT-technical domain
- Proven ability to author DPIAs and perform detailed data mapping of complex system landscapes
- Valid DPO certification and practical knowledge of supervisory authority expectations
- Technical understanding of cybersecurity threats, preventive measures, identity and access management (IAM) and ISO27001 control frameworks
- Experience with project tracking and knowledge management tools, and reporting to senior programme stakeholders
- Strong communication skills, discretion, and the ability to coordinate multiple external partners
Languages
- French: C2 (native) with strong passive Dutch comprehension at B2-C1
- Dutch: C2 (native) with strong passive French comprehension at B2-C1