JOB DESCRIPTION

WE ARE
The European External Action Service (EEAS) supports the High Representative in the exercise of her mandate to conduct and implement an effective and coherent Union’s Common Foreign and Security Policy (CFSP), to represent the EU and to chair the Foreign Affairs Council.

It also supports the High Representative in her capacity as Vice-President of the Commission with regard to her responsibilities within the Commission in the external relations field, including the coordination of other aspects of the EU’s external action. The EEAS works in close cooperation with the EU Member States, the General Secretariat of the Council, the services of the Commission and the Secretariat General of the European Parliament.

The Data Protection Office (SG.LD.DPO) in the EEAS is in charge of supporting management and staff with independent, objective advice in order to be compliant with relevant data protection provisions, ensuring the protection of the right to privacy within the organisation, taking into account the specific needs of EEAS Headquarters entities and EU Delegations. Assignments cover the monitoring of data processing activities as well as consultation, awareness raising, training and network coordination. Due to the diversity of the activities of the EEAS, the work of the DPO is broad and challenging. Among the different tasks assigned to it, the DPO advises the Secretary General as well as the Director General of Resource Management along with the Managing Directorates and all data controllers at both Headquarters and in Delegations. The DPO also has a consultative role for CSDP missions and operations in relation to data protection requirements and is in charge of the Information to the Public service in the EEAS.

WE PROPOSE
The position of Legal Assistant – Data Protection Compliance Coordinator, contract agent FGIII as per article 3b of the Conditions of Employment of Other Servants of the European Union (hereafter, the “CEOS”)[1].
PLACE and DATE OF EMPLOYMENT
‎EEAS Headquarters, Brussels, Belgium
Post available: as of 15/10/2025

LEGAL BASIS
The vacancy is to be filled in accordance with the conditions stipulated under the CEOS, in particular Article 82 thereof. In case of recruitment, the successful candidate will be offered a contract agent position (Function group III), on the basis of a contract with an initial duration of one year that may be successively renewed up to a maximum duration of six years[2], subject to the maximum duration of engagement by the EEAS allowed under successive limited duration contracts of different types[3].

WE LOOK FOR
A highly motivated, conscientious and dynamic candidate with at least 2 years of proven experience in the field of data protection and/or in related areas, including data governance, cybersecurity, online platforms, artificial intelligence, access to documents and information to the public as well as legal or paralegal work A candidate with an understanding of data protection principles and concepts of the EU legislative framework in order to duly support the Data Protection Officer of the EEAS in tasks assigned to the DPO and provide assistance to data controllers in their personal data processing activities as well as to the agent dealing with Information to the Public tasks under the DPO’s supervision A creative and solution-oriented person with strong analytical skill
Good capacity to communicate and to maintain constructive professional relationship with EEAS staff, while respecting the independent role of the Data Protection Officer Sound sense of organisation and ability to react quickly to new demands

Capacity to work in a small team and to follow up tasks independently
Good computer skills with an eye for details along with a motivation for being accurate Functions and main responsibilities:
To inform and advise data controllers carrying out personal data processing activites to be aware of their obligations and data subjects to be informed of their rights To ensure in an independent manner the internal application of the relevant data protection provisions of Union law, in particular of the data protection regulation applicable for EU institutions To monitor data protection compliance and the related record management by controllers in cooperation with the network of data protection coordinators in the Headquarters and data protection correspondets in EU delegations, using the e-DPO system To provide advice with regard to data protection impact assessments and data breaches To manage and reply to data protection related requests, questions and complaints by staff and third parties To respond to requests and to cooperate and consult with the European Data Protection Supervisor To follow up policy developments and to contribute to Inter-Service Consultations in data protection To supervise the Information to the Public serviceof the EEAS and coordinate work with the Europe Direct Contact Centre, contacted by individuals, all Union citizens seeking information on EU matters Eligibility criteria

Further to the conditions set out in Article 82 of the CEOS, candidates must:
have passed a valid EPSO CAST in a valid function group for this post, or be registered in the EPSO Permanent CAST in a valid function group for this post (https://epso.europa.eu/en/job-opportunities/open-for-application). In the latter case, while the registration will make the candidate eligible for the selection procedure, the recruitment of a candidate on this vacant post will be subject to his/her successfully passing the CAST exam; have a level of post-secondary education attested by a diploma or a level of secondary education attested by a diploma giving access to post-secondary education and appropriate professional experience of three years; have the capacity to work in the languages of the CFSP and external relations (English and French) necessary for the performance of their duties; be a national of one of the Member States of the European Union and enjoy full rights as a citizen.

Selection criteria
Candidates should:
have the ability to support the DPO and assist the colleagues working on processing of personal data, including data controllers, data protection coordinators/correspondents in Headquarters and Delegation organisational entities as well as to contribute to the coordination of requests handled by the EEAS Information to the Public service; have a good knowledge of data protection principles and concepts of the EU data protection legal framework demonstrate at least 2 years work experience in the domain of data protection, privacy and/or in a related field (cybersecurity, AI, IT, online platforms, legal or paralegal work) have the capacity to acquire and apply new knowledge and to integrate and utilise the information learned; have excellent organisational and analytical skills;
have the ability to work independently and according to priorities also under time pressure as well as follow instructions; have good communication and proven drafting skills in English and French;
have the ability and the capacity to perform with accuracy and in an adaptable manner on a diversity of tasks in a complex, multicultural and multidisciplinary institutional environment; Knowledge and/or proven experience of at least 2 years of various IT tools used to generate and process information (Microsoft Office, Visio, Adobe Acrobat, etc.); have a strong service-culture attitude;
be a flexible team player;
have an overall knowledge of external relations, internal policies and the functioning of the EU.

Furthermore:
experience in working with or within other EU institutions, in particular in a data protection office and/or in an EU Delegation, CSDP mission and operation, etc.
experience of 3 years related to administrative matters, in particular to human resources, security, IT, contracts and agreements, access to documents and information to the public client-oriented approach towards controllers and data subjects with ability to meet deadlines, follow instructions and find pragmatic solutions relevant professional qualification in the field of data protection or other legal or related policy domain knowledge and/or proven experience with the use of different IT tools (e.g. ServiceNow, EUSurvey, ARES, collaboration tools, including OpenText or SharePoint, ERP systems, e.g. ABAC) will be considered as strong assets.