LXT is an emerging leader in AI training data to power intelligent technology for global organizations. In partnership with an international network of contributors, LXT collects and annotates data across multiple modalities with the speed, scale, and agility required by the enterprise. Our global expertise spans over 145 countries and more than 1,000 language locales. Founded in 2010, LXT is headquartered in Toronto, Canada with a presence in the United States, UK, Egypt, India, Turkey, and Australia. The company serves customers in North America, Europe, Asia Pacific, and the Middle East.
We are currently seeking a Quality Director who ensures that our services meet all necessary contractual agreements and all applicable laws and standards before they reach the client acting as a Subject Matter Expert in all matters related to all sorts of applicable compliance references. The QD will make sure all the company’s actions and business steps are all compliant to the designated desirable state. The QD will monitor the processes to make sure it has been built with compliance to legal standards and meets client requirements. The QD must fully understand the requirements for the LXT business requirements scope of work, and the nature of the core business and have a sense of responsibility towards our potential and existing clients as well as the competition.
The QD, responsibilities include identifying training needs based on skills gap analyses, developing group and individual learning courses and managing the training budget for all matters and training needs related to the data protection and privacy. Additionally, the QD will be responsible for data protection, the QD will be authorized to have access to all LXT’s assets relating to the processing and storage of personal data for the purpose of assessing the use and security of personal data.
Responsibilities:
- Providing and maintaining the necessary documentation to demonstrate compliance with the GDPR and ISO 27001:2013 including, but not limited to policies, procedures, templates, forms and ensuring that they are kept up to date.
- Building and maintaining the ISMS for ISO 27001:2013, along with all related activities that ensure the ongoing compliance to the standard
- Fully responsible for the relevant internal audit sessions that will be held with all interested parties in compliance to ISO 27001:2013, as well as acting as the management representative in the Management Review meetings and with the external audit entities
- Ensuring LXT is PCI DSS compliant, while also facilitating the external assessment done to certify the company on yearly basis
- Informing and providing expert advice to all members of staff regarding their obligation to comply with the provisions of the GDPR and relevant local laws and regulations when processing personal data.
- Monitoring compliance with the GDPR and relevant local laws and regulations, and informing the stakeholders within the Company of any changes in a timely manner.
- Act as the single point of contact for the supervisory authority on issues relating to processing of personal data, and to consult with the supervisory authority, where necessary, on any other relevant personal data matters.
- Act as the main point of contact for employees and all data subjects, and will cooperate with all members of staff on matters of data protection.
- Ensures that training and awareness is available and delivered to all members of staff involved in the processing of personal data.
- Provides expert advice and guidance on the Data Protection Impact Assessment (DPIA), including performing or monitoring the performance of DPIAs against the requirements of GDPR Article 35.
- Develops the process and procedures for reporting personal data breaches and takes the necessary measures to inform the relevant stakeholders as provided by GDPR Article 33 and 55.
- Monitors compliance with the Data Protection Policy and any other internal documents relating to data protection.
- Creates inventories, holds and maintains registers of processing operations based on information provided to them by the departments within the Company which are responsible for the processing of personal data.
- Advises the Company regarding privacy notices to data subjects at the point of collection of their personal data, pursuant to GDPR Articles 13 - 15.
Qualifications:
- Intensive knowledge on ISO 27001:2013 and its requirements and related activities.
- Deep knowledge of PCI DSS and all the main techniques for complying to its requirements.
- Clear awareness of document control and document management.
- Previous proven experience of passing external audit and certification processes in similar industries.
- Full awareness of the GDPR with all the relevant articles that serve the business nature.
- Have extensive knowledge of compliance as a concept to commonly known standards and\or laws related to the business industry.
Additional information:
We are an equal opportunity employer and ensure that no applicant is subject to less favorable treatment on the grounds of gender, gender identity, marital status, race, color, nationality, ethnicity, age, sexual orientation, socio-economic, responsibilities for dependents, physical or mental disability. Any hiring decision is made on the basis of skills, qualifications, and experiences.
We measure our success as a business, not only by delivering great products and services and continually increasing our assets under administration and market share, but also by how we positively impact people, society, and the planet.