Legal
32 to 40 hours
€5191 - €7415

Are you a privacy lawyer who enjoys working on complex cases? In this position, you do risk analyses of tech companies' products at the highest level. This is how you make a difference for the Dutch education and research sector. You will not only make a difference in the Netherlands, but also far beyond. Do you want to make a big social impact in the field of privacy and security? Then we are looking for you.

Where you will work

SURF is the ICT cooperative for Dutch educational and research institutions. Together with them, we work on digital services and complex innovation challenges to enhance the quality of education and research. As a privacy lawyer, you make an important contribution to this by ensuring compliance and privacy.

The team you will join

The Procurement & Contracting domain purchases together, makes compliance agreements and supplies ict and content to SURF's members. Important elements are agreements on privacy and secure data processing. That is what the SURF Vendor Compliance team does. We carry out risk analyses and checks on security, such as ISO standards. We also make agreements with suppliers, monitor, provide information and support SURF members in compliance processes. Examples and achieved results can be found on our Vendor Compliance website, such as the DPIA on Microsoft Copilot for M365.

The SURF Vendor Compliance (SVC) team has grown from nothing to 11 people over the past year. We learn by doing and build our processes as we build the service. The team is characterised by a lot of enthusiasm, energy and professionalism. Fun is an important component within our team. We include this in team events that we organise at least quarterly. We give personal growth room by participating in courses and conferences. Those conferences are also a great time for team building.

What you will do

You will work on complex compliance projects such as DPIAs and DTIAs and perform compliance checks. In addition, you actively help with the provision of information within the sector. Your goal is to deploy the suppliers and applications studied as securely and privacy-friendly as possible. In discussions with suppliers, you apply the right legal knowledge sharply and pragmatically. This is how you ensure secure use of software throughout the education and research sector. You also often speak with European and/or global privacy and security experts from the suppliers. So the impact and complexity of the work is high. Finally, you have a pioneering role within the team.

Other tasks you will handle?

You carry out risk analyses (including DPIAs and DTIAs).
You perform privacy checks, including on data transfers outside the EEA with legal and technical investigations: research is based, for example, on the privacy documentation and legal documentation of suppliers.
You make agreements with suppliers, for example in processing agreements. You also make agreements on transfers in SCCs. In this way you reduce privacy risks and make agreements on privacy and security measures.
You provide information and support on how institutions can use the assessed applications/(cloud) software as securely as possible;
You monitor whether suppliers comply with agreements made.

Your skills and experience

You are curious, ambitious and entrepreneurial; you are serious about content, gentle and with a smile to the team and your colleagues.
You are an active part of the team, to share and absorb knowledge.
You have a completed WO education, preferably law. You also have (work) experience in the field of privacy and knowledge of the AVG/UAVG.
You have experience carrying out risk analyses on suppliers such as DPIAs and DTIAs. It is an advantage if you have experience in conducting discussions with suppliers.
You have an excellent oral and written command of Dutch and English: useful because of international suppliers.

SURF takes pleasure in doing its recruitment itself; acquisition is therefore not appreciated.

Apply

After submitting your application, you will immediately receive a confirmation e-mail.

Response

After the the closing date, you will receive a response from our recruitment team.

First interview

We invite you to our office, because we want to get to know you.

Second interview

We invite you again for an interview with others who also want to get to know you.

Assessment

We may ask you to do an assignment (assessment).

Are you the right person?

Then you will receive a salary offer from one of our HR advisors.

Welcome to SURF!

You join onboarding activities with other new colleagues.

Location: Moreelsepark 48, 3511EP, Utrecht, Nederland
Employment: Permanent
Salary: €5191 - €7415
Hours per week: 32 to 40 hours
Deadline: 02 March 2025
Substantive questions: Koos Kruithof
koos.kruithof@surf.nl
+31628504630
Questions about procedure: SURF Recruitment
recruitment@surf.nl
+31 642564500

What we offer

Extensive training opportunities
8.33 % holiday pay
8.33 % end-of-year bonus
36 holidays per year (based on a 40-hour working week)
An excellent pension scheme
An NS Business Card 1st class
Chair massages
Home working allowance

Apply for "Senior Privacy jurist "

Firstname *

Surname *

E-mail *

Mobile phone number *

Are you a resident of the Netherlands?

Yes

Have you been alerted to this vacancy by a SURF colleague?

Yes

Which SURF colleague alerted you to this vacancy?

CV * Select file

Cover letter * Select file

Additional documents Select files

Privacy Statement

I give permission for my details be kept 1 year for relevant vacancies

Privacyverklaring

Ik heb de privacyverklaring gelezen. *

Senior Privacy Lawyer