Data Protection Officer (DPO)

  • Xapo
  • San Francisco, CA, USA
  • Jun 29, 2018
Full time Risk Security

Job Description

Job description


At Xapo, the largest custodian of Bitcoin in the world, we offer the convenience you would expect from an online checking account with the high tech security of our Bitcoin vault.Our business is growing fast, and we want to make sure we can keep providing the best quality support to our customers. We are looking for an experienced

Data Protection Officer (DPO) based in Europe / UK  who can actively contribute to a challenging / technological work environment.


This job opportunity is remote - you could work from anywhere in Europe or in the UK




  • To inform and advise the organization about obligations to comply with the GDPR and other data protection laws including: monitor compliance with the GDPR and other data protection laws, and with Xapo´s data protection policies.

  • To manage internal data protection activities; raising awareness of data protection issues, training staff, and conducting internal audits;

  • To advise on, and to monitor, data protection impact assessments by functioning as the first point of contact for supervisory authorities and other parties involved whose data is processed (employees, customers etc).

  • Prioritise and focus on the high risk activities of the organization, for example where special category data is being processed, or where the potential impact on individuals could be damaging.

Some Perks of working with Xapo


Absolute autonomy

Remote work enviroment

Working as part of a global team

Learning from Silicon Valley’s brightest



Skills and Experience:


  • Bachelor’s degree in business or a related field
  • +5 years of professional experience in a similar role in a multinational business

  • Expert knowledge in national data protection laws and legal compliance with particularly solid experience with GDPR

  • Familiarity with Information and Cyber security risks and information security standards, IT security knowledge, or IT audit background

  • Experience in negotiating data privacy terms, privacy impact assessment, incident management, and subject access requests ideally in a tech-environment

  • Ideally to have experience of working in a financial or professional services environment

  • Familiarity and experience with the application of data protection regulations in a technology context

  • Certification in Data Privacy: e.g., CIPM, CIPP, C-GDPR-P, BCS/ISEB or PDP

Other skills:



  • Ability to assess data privacy risks and prioritise resources and activity to manage those risks

  • Proven ability to establish and maintain a high level of confidentiality, respect, trust and credibility

  • Exceptional organizational skills with attention to detail

  • Fluent in English, ability to speak a second language ideal, preferably Spanish, but not a requirement