Job Description
Head of Data Management Office

This is Worldline

 

We are the innovators at the heart of the payments technology industry, shaping how the world pays and gets paid. The solutions our people build today power the growth of millions of businesses tomorrow. From your local coffee shop to unicorns and international banks. From San Francisco to Auckland. We are in every corner of the world, in every part of commerce. And just as we help our customers accelerate their business, we are committed to helping our people accelerate their careers. Together, we shape the evolution.

 

The Head of the Data Management Office leads the enterprise function that centralizes the implementation of GDPR compliance for Worldline. Positioned at the corporate level, the role maintains an end-to-end view of data processing across business units and geographies, enabling standardized controls, risk-based decision making, and clear escalation paths for complex compliance challenges.

The role works in close partnership with privacy specialists, legal counsel, security officers, and business risk managers. It also collaborates extensively with Product, Delivery, HR, Procurement, and client-facing teams to ensure that compliance strategies are both legally robust and operationally practical.

The Head of DMO reports to the Head of 1st Line Security Merchant Services and drives the offshore strategy for Global Competence Centers (GCCs), operationalizing data access controls and making risk-based decisions aligned with the organization’s risk appetite and applicable regulations.

 

Day-to-Day Responsibilities

  • Conduct comprehensive risk evaluations focused on data access patterns, processing requirements, and the scope of work within Global Competence Centers (GCCs).
  • Develop and recommend appropriate technical and organizational controls to address identified compliance gaps and data protection challenges to respective stakeholders in the EU and India.
  • Maintain an enterprise-level, comprehensive view of data processing activities across business units and geographies.
  • Continuously advise on emerging regulatory developments and assess their impact on GCC operations.
  • Collaborate with cross-functional teams (data protection, legal, IT security, business risk, customer& regulator-facing teams ) to ensure strategies are legally sound and operationally viable.
  • Provide expert guidance to business functions on optimal approaches for transitioning work to GCCs while maintaining compliance.

 

Who are we looking for:

We look for big thinkers. People who can drive positive change step up and show what’s next – people with a passion, a can-do attitude, and a hunger to learn and grow. In practice, this means:

  • 10+ years in data protection, privacy, and information security compliance, including 5+ years leading enterprise-level programs.
  • Bachelor’s/Master’s in Computer Science, Information Security, Law, or related field.
  • Proven track record designing and operationalizing GDPR / Regulatory compliance in complex, multinational environments (preferably payments/financial services).
  • Hands-on experience with cross-border data processing and transfer mechanisms in collaboration with cross-functional teams in Europe and India. Understanding of SCCs, Schrems II implications, DTIA, vendor/outsourcing governance.
  • Direct experience enabling Global Competence Centers or similar offshore/nearshore delivery models in alignment with EU regulatory requirements.
  • Ability to author and defend risk-based decisions, risk acceptances/exceptions, and escalation paths aligned to a clearly defined risk appetite.
  • Certifications considered a strong plus: IAPP CIPP/E (strongly preferred), CIPM or CIPT, and ISO/IEC 27001 Lead Implementer or Lead Auditor.

 

Regulatory and legal expertise

  • Expertise in GDPR (Art. 5–32), ePrivacy, UK GDPR, and relevant EU guidance (EDPB, CNIL, etc.).
  • Good understanding of European case law and regulator positions on remote data access, international data transfers to India, and pseudonymization.
  • Good Knowledge of payment regulations (PCI DSS, PSD2, EBA Outsourcing, SOC 2), Information security standards like ISO27001, and offshore data protection laws (e.g., India’s DPDP Act, RBI rules), operationalized alongside GDPR in offshore operations.

 

Stakeholder management and communication

  • Exceptional communication skills to advise senior executives, negotiate with clients, and coordinate cross‑functional teams (Legal, Security, Product, HR, Procurement, Compliance & sales team).
  • Experience interfacing with regulators and auditors; ability to prepare defensible documentation and audit evidence.

 

Perks & Benefits

At Worldline, you’ll get the chance to be at the heart of the global payments technology industry and shape how the world pays and gets paid. On top of that, you will also:

  • Private medical & life insurance
  • MyBenefit Platform
  • Holiday allowance
  • Referral program
  • Public transportation allowance
  • Meal allowance
  • Annual bonus

 

Shape the evolution 

We are on an exciting journey towards the next frontiers of payments technology, and we look for big thinkers, people with passion, a can-do attitude, and a hunger to learn and grow. Here you’ll work with ambitious colleagues from around the world, take on unique challenges as a team, and make a real impact on society. With an empowering culture, strong technology, and extensive training opportunities, we help you accelerate your career - wherever you decide to go. Join our global team of 18,000 innovators and shape a tomorrow that is yours to own.

Learn more about life at Worldline at jobs.worldline.com

We are proud to be an Equal Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as an individual with a disability, or any applicable legally protected characteristics. Pursuant to the Article 24 sec. 6 of the Act of 14 June 2024 on the protection of whistleblowers, we inform you that Worldline Financial Services (Europe) S.A., a joint-stock company, Branch in Poland (hereinafter referred to as Worldline) is governed by the Regulations on the receipt of internal reports and taking follow-up actions (hereinafter referred to as the Regulations). 

 

#LI-AP1

 
Information at a Glance
Apply now
Request ID:  302341
Posting Start Date:  1/9/26
Job Area:  Operational Management
Work Site:  Hybrid
Contract Type:  Permanent
Brand:  Worldline
Job Location:  Poland - Warsaw