Data Protection Officer – Middle

Overview:

SOFTSWISS is looking for an experienced Data Protection Officer (DPO) to oversee and ensure compliance with data protection laws, including the General Data Protection Regulation (GDPR). 

The DPO will play a key role in maintaining the company’s privacy governance framework, supporting our teams in implementing privacy-by-design principles, and serving as the main point of contact for data protection authorities and individuals.

About Product:

Payment Gateway (FinteqHub):

The Payment Gateway is part of our growing fintech software and payment management system. The team works on providing clients with a payment platform designed to help online businesses manage and process monetary transactions worldwide.

Key responsibilities:

• Ensure the company’s processing of personal data complies with applicable data protection laws, including GDPR. 
• Develop, implement, and maintain data protection policies, procedures, and frameworks aligned with regulatory requirements, including maintaining a comprehensive Record of Processing Activities (ROPA). 
• Inform and advise the company and its employees of their obligations under data protection law. 
• Provide expert guidance during product design and implementation to ensure privacy-by-design and privacy-by-default principles. 
• Monitor compliance with data protection legislation, conduct audits, raise awareness. 
• Review existing draft contracts for data protection implications and ensure appropriate privacy and security clauses are included. Develop Data Processing Agreement draft. 
• Identify and assess privacy risks related to processing, storage, and data transfers. 
• Advise on and monitor Data Protection Impact Assessments (DPIAs) and Transfer Impact Assessments (TIAs). 
• Establish and manage procedures for detecting, reporting, and investigating data breaches, including breach notifications to supervisory authorities and affected individuals when required. 
• Maintain a data breach register and oversee post-incident reviews. 
• Proactively recommend improvements to ensure ongoing compliance and risk reduction, including measures related to security, data storage, and data retention. 
• Act as a contact point for data subjects exercising their rights (access, rectification, erasure, portability, restriction, objection). 
• Serve as the company’s main contact point with the State Data Protection Inspectorate (VDAI). 
• Provide regular reports and briefings to senior management on privacy risks, incidents, and compliance status. 
• Undertake additional compliance-related duties as assigned by management, in alignment with data protection principles and legal requirements.

Required Experience:

• Education: Minimum Bachelor’s degree in Law. 
• Experience: Proven track record as a Data Protection Officer or Privacy Law Compliance Officer, ideally in a technology or fintech company. 
• Knowledge: Deep and practical understanding of GDPR, Lithuanian data protection laws, and privacy compliance frameworks. 
• Languages: Fluency in Lithuanian and English (written and spoken) is mandatory. 
• Residence: The candidate must reside in Lithuania. 
• Excellent communication and analytical skills. 
• Strong attention to detail and ability to balance regulatory compliance with business needs.

The DPO will work closely with:

• Product/Data Privacy Responsible – ensuring GDPR is implemented across product development, architecture, and data flows. 
• CISO/Security Team – supporting technical controls such as encryption, access management, incident response, and retention enforcement.

Our Benefits:

• Full-time remote work opportunities and flexible working hours
• Private insurance
• Additional 1 Day Off per calendar year
• Sports program compensation
• Comprehensive Mental Health Programme
• Free online English lessons with a native speaker
• Generous referral program
• Training, internal workshops, and participation in international professional conferences and corporate events.