Compliance & Data Protection Officer

  • Location


  • Discipline:


  • Job type:


  • Salary:

    up to £45,000

  • Consultant:


  • Email:

    Richard Abelson

  • Job ref:


  • Published:

    11 months ago

My client is a leading Healthcare technology provider who are currently looking for an individual who will be central to the Company’s strategy in maintaining regulatory compliance and driving sustainable improvements in Data Protection, quality and security,

You will be expected to work autonomously and to proactively drive the continued compliance with regulations. You will be required to have an understanding of the current landscape of information technology and ideally, healthcare to ensure the Company is prepared for any changes in the regulatory landscape.

You will be a key member of the team across the Company and lead in promoting ongoing compliance with regulations. This will include the development of assessments and systems to monitor and report against a wide range of key regulatory focus areas.

Key responsibilities include:

  • You will represent the firm in DPO and compliance activities, audits with internal stakeholders, customers, vendors and standards companies.
  • Provide practical data protection advice, guidance and assistance including meeting the firms’ obligations under the data protection law
  • Plan and conduct internal audits for all certifications, particularly ISO 9001/27001; including audits of 3rd parties, ensuring audit results are captured and communicated
  • Brief teams on the requirements of external audit and the evidence that needs to be retained and presented to show compliance.
  • Manage external audit activities, directing activity during the audit, supporting colleagues in evidencing processes, and communicate results and actions plans
  • Track and manage to resolution non-conformances from internal and external audit
  • Act as subject matter expert in formal management reviews of GDPR, QMS and ISMS.
  • Plan, lead and document risk analyses to company standards and processes including management of risk registers
  • Propose and develop appropriate security and compliance policies and procedures along with internal stakeholders to ensure viability along with business practice.
  • Lead on activities required to update current certifications as requirements change
  • Review Group standards proposals and produce gap analyses identifying areas of difference and the necessary activities to bridge the gap, along with recommendations for action
  • Act as a focal point for compliance and information security-related queries from colleagues, customers and vendors including during tender processes
  • Conduct Data Protection Impact Assessments.
  • Review and align IT policies and processes to current and emerging legislation and industry best practice.
  • Create awareness programmes to engage employees.

The Person:

  • You will have experience of planning and conducting audits for ISO 9001 and 27001.
  • Experience in creating and monitoring compliance programmes
  • Experience working with auditors.
  • Exceptional communication and interpersonal skills, both written and verbally across all levels.
  • Motivated organisational skills with an ability to work to tight deadlines and manage your workload effectively.
  • You should be a team player but comfortable working under your ow initiative.
  • You should be excellent problem solver with great attention to detail.
  • Flexible and innovative approach.
  • You will be keen to adopt other regulatory standards to include in the company compliance improvements.
  • Highly developed analytical skills with a keen eye for detail. Ability to analyse and understand business processes, policies and practices and to assess risks.
  • Able to tactfully influence peers and possess sufficient self-confidence to question the veracity of systems, practices, procedures and policies.

Salary is entirely commensurate with experience and will include a discretionary bonus and benefits.


Please note, should you not receive feedback 28 days, unfortunately your application has been unsuccessful. However, we may be in touch with similar relevant opportunities.