Data Protection Officer
Hybrid – 3 days in the office, 2 days at home
£65k-£85k plus benefits

As Data Protection Officer you will ensure the company meets its obligations under the Data Protection Act 2018 (DPA 2018). Reporting to the Chief Compliance Officer, the DPO will monitor compliance and data practices internally to ensure that the business and its functions comply with the applicable requirements under the DPA 2018 and relevant national legislation. The DPO will be responsible for advising on, and where required, carrying out staff training, data protection impact assessments and internal audits.

The key aspects of the role – Data Protection Officer

In this role, you will work closely with the Legal, Operational and IT functions to develop and monitor policies and standards applicable to the business and in compliance with the DPA 2018 and relevant national legislation. Duties will include:

  • Implementing measures and a privacy governance framework to manage data use in compliance with the DPA 2018, including developing templates for data collection, assisting with data mapping, and vendor management reviews.
  • Working with key internal stakeholders in the review of projects and related data to ensure compliance with data privacy laws, and where necessary, advising on and monitoring data protection privacy impact assessments.
  • Serving as the primary point of contact and liaison for the ICO and other EEA Data Protection Authorities on all data protection-related matters under the DPA 2018.
  • Serving as the primary point of contact for data protection queries in the business.
  • Reviewing vendor contracts (including EU model clauses) and consents needed to implement projects in partnership with the firm’s Compliance and IT functions.
  • Participating in any relevant committee discussions.
  • Managing and conducting ongoing reviews of the company’s privacy governance framework and regular and ad hoc reporting on data privacy compliance within the organisation.
  • Monitoring changes to Data Protection laws and making recommendations to the Board or a relevant committee when appropriate.
  • Setting standards and reviewing policies on an ongoing basis.
  • Developing strategies and initiatives to ensure engagement with key internal and external stakeholders.
  • Coordinating, conducting and monitoring data privacy audits.
  • Collaborating with the IT function to maintain records of all data assets and exports and maintaining a data security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications.

Experience – Data Protection Officer

  • 5 years of experience within a compliance, legal, audit and/or risk function, with a minimum of two years of experience in privacy and data protection compliance.
  • Hold at least one data protection and/or privacy certification, such as CIPP, CIPT, CIPM, ISEB, etc.(preferred) or willingness to achieve one of the above qualifications within a short period of joining.
  • Ability to demonstrate leadership and project management experience.
  • Familiarity with privacy and security risk assessment and best practices, privacy certifications/seals and information security standards certifications.

For a more detailed job description, please contact Vicky at 01279713900.