Data protection expert – Belgium (Hybrid)

About the Mission

Depiction
The ANPR program is housed at the Directorate of Police Information and ICT (DRI) of the Federal Police. The directorate is responsible for the preparation of policies and rules for information management and processing, the development of the police information concept, the establishment of technical norms and standards and the implementation of information and communication systems. 
Project
Automatic Number Plate Recognition (ANPR) uses intelligent cameras that recognize license plates. The system then compares these scanned license plates with the data already available (stolen or reported vehicles, whether or not they are allowed to drive in certain areas, etc.). ANPR is used within the police in the context of road safety, intervention and investigation.
The asset management system of the ANPR cameras is experiencing changes to the architecture and will increase in size in the near future, both in terms of volume and types of connected cameras and linked systems from various partners. The cameras themselves are also evolving in terms of complexity and functionalities (e.g. AI). It is important to have a good view of the data flow – and its protection – at all times, for security and to ensure privacy. To this end, the federal police wishes to rely on an expert in data protection and GDPR, so that the DPO can carry out its supervisory and advisory tasks and its role as a contact point in all correctness.
Mission
As an expert in data protection, you temporarily and ad hoc strengthen the ANPR team at DRI to map the impact of architectural and operational changes in terms of data management.
The necessary impact analyzes must be drawn up and updated.
You also request the necessary input from partners and suppliers. 
You have a certain technical insight and take on an advisory and facilitating role with regard to the members of the team and other stakeholders (internal and external). 
Tasks and responsibilities: 

Identifying areas for improvement in existing processing agreements and DPIAs
Drawing up a template for DPIAs that can then be used further in the organization
Analyzing initiatives and providing advice on the need for (adjustment of) DPIA
Drawing up all necessary new DPIAs and processing agreements
Carrying out verifications when solutions are put into use for which an initial DPIA was drawn up
Drawing up a schedule with documents to be delivered according to priority
Carrying out checks on the conformity of the processing activities of the organization and its partners
Preparing answers to questions from supervisory authorities
Develop and implement quality management plans that ensure project deliverables meet required standards
Report to the program manager on the progress of documents in preparation
Monitoring changes in applicable regulations for data protection (Belgium, Europe) and police work

Education, experience and competencies: 

At least ten years of hands-on experience as an expert in data protection within an IT technical domain
DPO certification
Experience with systems and programs for project follow-up and knowledge management
Good communication skills
French or Dutch as a mother tongue, with a strong passive knowledge of the other language
A self-starter with a critical eye
Discretion

Soft skills

Good communication skills and the ability to get different stakeholders to work together
Proactivity and the ability to work according to strategic agreements
You can quickly switch between different topics and depending on changing priorities.
Discretion and a diplomatic attitude

Practical
Desired start date: June 1, 2026
Duration:  60 days until the end of 2026
Regime: part-time – to be arranged in consultation with ANPR program manager
Main address: Koningsstraat, 202 A – 1000 Brussels 
Work arrangement: minimum 2 days/week presence at the office, depending on regime (not for part-time working week), tasks and appointments with the team; telework permitted at home or employer address (Belgium)
Team: multidisciplinary, mix of internal and external employees

Required Skills

DPIA: opstellen van technische risico-beoordelingen; datamapping, DPO certifiëring, Inzicht in cybersecurity dreigingen en preventiemaatregelen, Kennis van identiteits- en toegangsbeheer (IAM), Kennis van ISO27001, Kennis van IT-systemen

Practical Information

• Company: Confidential
• Location: Koningsstraat – Hybrid
• Start Date: 1 June 2026
• End Date: 31 December 2026
• Duration: 7 months
• Contract Type: Freelance / Mission
• Application Deadline: 8 May 2026