• Ensure compliance of IT operations with data privacy and data protection standards, laws and regulations; • Assist in designing, implementing, auditing and compliance testing activities in order to Ensure data and privacy compliance; • Identify, document and propose countermeasures to compliance gaps (if any); • Advise on data protection matters, in particular in the context of personal data processing; • Conduct privacy impact assessments; • Write and/or review records of processing activity on personal data for data controllers and privacy statements; • Develop, maintain, communicate and train upon the data privacy policies and procedures; • Provide legal advice and guidance on data privacy and data protection standards, laws and regulations; • Enforce and advocate organisation’s data privacy and protection program; • Ensure that data owners, holders, controllers, processors, subjects, internal or external partners and entities are informed about their data protection rights, obligations and responsibilities; • Act as a contact point to handle queries and complaints regarding data processing; • Monitor audits and data protection related training activities; • Cooperate and share information with authorities and professional groups; • Contribute to the development of the organisation’s strategy, policy and procedures; • Develop and propose staff awareness training to achieve compliance and foster a culture of data protection within the organization; • Manage legal aspects of information security responsibilities and third-party relations; • Ensuring that all activities and duties are carried out in full compliance with regulatory requirements and supporting the continued implementation of the Group Anti-Bribery and Corruption Policy.

• Leading preparation and submission of 510(k) applications and other regulatory filings for Software as a Medical Device (SaMD) • Developing and executing global regulatory strategies for product registrations in the US, EU (MDR), and Canada • Supporting international regulatory teams with product registrations across the Custom Smiles Portfolio • Ensuring compliance with global regulations and reviewing technical and software documentation for submissions • Collaborating cross-functionally to integrate regulatory requirements into product development

Role Description Quento Technologies seeks a highly motivated and experienced Governance Risk and Compliance Expert. - Ensure compliance of IT operations with data privacy and data protection standards, laws and regulations; - Assist in designing, implementing, auditing and compliance testing activities in order to ensure data and privacy compliance; - Identify, document and propose countermeasures to compliance gaps (if any); - Advise on data protection matters, in particular in the context of personal data processing; - Conduct privacy impact assessments; - Write and/or review records of processing activity on personal data for data controllers and privacy statements; - Develop, maintain, communicate and train upon the data privacy policies and procedures; - Provide legal advice and guidance on data privacy and data protection standards, laws and regulations; - Enforce and advocate organisation’s data privacy and protection program; - Ensure that data owners, holders, controllers, processors, subjects, internal or external partners and entities are informed about their data protection rights, obligations and responsibilities; - Act as a contact point to handle queries and complaints regarding data processing; - Monitor audits and data protection related training activities; - Cooperate and share information with authorities and professional groups; - Contribute to the development of the organisation’s strategy, policy and procedures; - Develop and propose staff awareness training to achieve compliance and foster a culture of data protection within the organization; - Manage legal aspects of information security responsibilities and third-party relations; - Ensure that all activities and duties are carried out in full compliance with regulatory requirements and supporting the continued implementation of the Group Anti-Bribery and Corruption Policy. Qualifications - Master's degree; - Minimum 5 years of IT professional experience; - Minimum 4 years of experience in similar position; - At least 5 years of personal data protection compliance experience in an ICT, EU institutional, public-sector or similarly technology-heavy environment; - At least 3 years of hands-on experience preparing, updating or reviewing RoPAs, DPIAs, DPA, TIA or related personal data protection documentation; - At least 2 years of experience analysing and documenting technical arrangements relevant to personal data protection; - Ability to work with incomplete or inconsistent ICT-related information; - Comprehensive understanding of the IT business strategy and services; - Carry out working-life practices of the data protection and privacy issues; - Lead the development of appropriate standards and privacy policies and procedures; - Explain and communicate data protection and privacy topics to different types of audience; - Understand legal framework modifications implications to the organization’s data protection strategy; - Excellent knowledge of EU data protection legislation and regulations; - Data protection standards, policies, methodologies and frameworks; - Legal, regulatory and legislative compliance requirements, recommendations and best practices; - IT Operations and IT Services delivery; Requirements - Practical experience with privacy impact assessment standards, methodologies and frameworks; - Writing and reviewing records of processing activity on personal data for data controllers and privacy statements; - At least 3 certifications among: - CISA (Certified Information Systems Auditor); - CISM (Certified Information Security Manager); - GSNA (GIAC Certified Systems and Network Auditor); - GCCC (GIAC Certified Critical Controls); - ISO 27001 Lead implementer; - ISO 27001 Lead Auditor; - ISO 27005 Risk Manager; - CAP ((ISC)2 Certified Authorization Professional); - CRISC (ISACA Certified in Risk and Information Systems Control); - CISSP-ISSMP ((ISC)2 Certified Information Systems Security Management Professional); - GIAC Certified ISO-27000 Specialist; - or equivalent certification recognized internationally. - Very good knowledge of the English language (C2). Benefits - This role is a remote opportunity. - CV submitted in English.

Role Description The Senior Specialist, Regulatory and PV Network is responsible for developing the strategy based on regulatory requirements and for driving regulatory and PV deliverables based on an established PV and regulatory plan. They also serve as a liaison between regulatory and other functional areas including external partners, clients, authorities and/or consultants in the planning, organizing, and preparing of regulatory deliverables following project, corporate and industry regulatory strategies. The Senior Specialist will also act as Local Contact Person for Pharmacovigilance for the designated country. Job Responsibilities - Act as Local Contact Person for Pharmacovigilance for the designated country - Assume leadership and functional representation for projects of medium/high complexity ensuring effective and rapid coordination and management of regulatory deliverables, driving the team to meet the agreed targets and to comply with the agreed procedures, trackers and templates - With the help of a senior member of the team, develop strategy and manage set up activities (Project Management Plan, joint operating procedures, POAs and core documents) - Provide strategic input to internal and external customers and promptly identify and address any risk/potential risk by implementing preventive measures - Problem solve and support achievement of satisfactory resolution of performance issues or delivery failures - Collect, review, track and maintain LCPs' CVs, job descriptions, training records, contact details and monthly reports - Ensure correct training assignment to and training compliance by the LCPs - Ensure all team members assigned to the project for departmental deliverables are aware of the tasks and time allocated, monitor project budgets, hours spent vs budgeted and promptly identify and escalate any OoS - Provide support to proposal development and input to budgets, provide department representation to BD meetings as required - Prepare client’s invoices and review/approve vendors’ project invoices - Provide training, coaching and mentoring to junior members of staff - Foster professional working relationships with internal and external contacts at the local and international levels to ensure smooth and efficient service delivery - Stay abreast of changing regulatory legislative requirements and ensure maintenance of the regulatory intelligence database and timely dissemination of pertinent changes - Participate in and/or support junior members in preparation for audits/inspections and provide department representation for assigned projects as required - Track LCPs' key performance indicators and prepare monthly summary reports - Provide feedback on performance of vendors to aid their assessment - Provide input to department/company initiatives and contribute to the design/review of SOPs/working practice/guidance. Qualifications - Bachelor's Degree in Chemistry or Life Sciences, Nursing, or equivalent experience - Strong experience within pharmaceutical or CRO industry or Regulatory body - Good knowledge of ICH GCP and/or GVP and national regulations for territories of competency - PV training and/or working experience and other educational or professional background as required locally - Fluent in English, both written and verbal - Candidate must be proficient in the official language of the country in which they are based, as this is essential for local interactions and compliance - Good planning and organizational skills - Strong interpersonal skills in a fast-paced, deadline oriented, and changing environment - Good attention to detail Benefits - Training and career development opportunities internally - Strong emphasis on personal and professional growth - Friendly, supportive working environment - Opportunity to work with colleagues based all over the world, with English as the company language