Compliance and Data Privacy Specialist (6 month term)

Corporate

At ZOLL, we're passionate about improving patient outcomes and helping save lives.

We provide innovative technologies that make a meaningful difference in people's lives. Our medical devices, software and related services are used worldwide to diagnose and treat patients suffering from serious cardiopulmonary and respiratory conditions.

Essential Functions

Position Description

Job title

Compliance and Data Privacy Specialist

Department

Compliance, Privacy & Governance

Reports to

EMEA Compliance Privacy and Governance Manger

Job purpose

We are seeking a highly motivated and detail-oriented Compliance & Data Privacy Analyst to support the EMEA Compliance & Privacy Group with ongoing projects related to the GDPR and Italian Legislative Decree 231/2001.

The role will focus on helping operationalize ZOLL’s data privacy program in the EMEA region and contribute to risk assessment, documentation, and process improvements in the context of both data protection and corporate compliance.

This is a 6-month fixed-term role ideal for early-career professionals with foundational experience in privacy, compliance, or legal/regulatory environments.

Duties and responsibilities

Data Privacy (GDPR)

• Support the ongoing maintenance and review of Records of Processing Activities (ROPAs)
• Assist in data mapping exercises to identify personal data flows across EMEA operations. Document key elements such as data categories, data subjects, lawful bases, retention periods, data transfers, and security measures.
• Coordinate with key key internal stakeholders (e.g., IT, Legal, HR, Marketing, Sales, etc..) to gather data privacy-related information across departments
• Help ensure alignment with GDPR documentation requirements

Corporate Compliance (Italian Decree 231/2001)

• Assist in conducting risk assessments related to 231 compliance areas
• Support the documentation and mapping of internal controls relevant to 231 obligations
• Collaborate with internal stakeholders to collect and review evidence and procedures tied to the 231 Model
• Track action items and follow up on remediation or process improvement tasks

Essential Skills and Qualifications:  

• Bachelor’s degree in Law, Information Security, Data Management, or a related field.
• 1-2 years of experience in data privacy, data governance, or compliance roles especially familiar with data mapping and data inventory processes , the methodologies and tools used for data mapping
• Practical understanding of GDPR concepts and different international data protection legislation. Knowledge of data privacy, data protection or data security aspects in Europe
• Familiarity with Italian Decree 231/2001 and related corporate compliance frameworks is highly desirable
• Excellent communication and interpersonal skills with the ability to effectively communicate with various stakeholders from various business and supporting functions
• Analytical and problem-solving skills- able to analyze data privacy risks, identify areas for improvement, and develop effective solutions is a plus point
• Good skills using Microsoft tools

Languages:

Fluent (written and spoken) in English and Italian

Competencies:

• Excellent communication and interpersonal skills.
• Ability to communicate concisely and clear both oral and written
• Ability to work in a matrixed organization where many stakeholders work remote
• Self- motivated and result driven.
• Ability to work with different cultures and functions with all levels of the organization.
• Solution-minded; desire to solve problems and propose creative solutions
• Ability to prioritize according to risk
• Project management skills. Ability to follow through and complete tasks on time.

Period:

• Type: Fixed-term employment contract
• Duration: 6 months
• Location: Italy preferred; remote/hybrid possible
• Travel: Limited EU travel (2–3 times during the contract)
• Start date: ASAP or early autumn 

What we offer:

• Opportunity to be part of an international data privacy and compliance team and to contribute to high-impact privacy and compliance projects in the medical device sector
• Hands-on experience with GDPR and Decree 231 program operations
• Onboarding training on ZOLL medical device products
• Opportunity to apply GDPR concepts and principles into day-to-day business needs
• Coaching sessions from the ZOLL EMEA Compliance Manager
• Experience working on a dynamic medical device company
• Exposure to data privacy requirements for the health industry
• Practical experience developing and applying GDPR principles to new medical device products
• Gain experience working for an international company
• Opportunity to participate on regional data privacy projects

ZOLL is committed to fostering an inclusive workplace, where unique identities, backgrounds, cultures, perspectives and experiences are respected and valued.

ZOLL is a fast-growing company that operates in more than 140 countries around the world. Our employees are inspired by a commitment to make a difference in patients' lives, and our culture values innovation, self-motivation and an entrepreneurial spirit. Join us in our efforts to improve outcomes for underserved patients suffering from critical cardiopulmonary conditions and help save more lives.