to £75,000 + Benefits
about 2 years ago
Our client is a well-known Financial Services business who are currently looking to recruit an individual to maintain a secure framework for the management of its data and compliance with data protection legislation and to maintain an effective business continuity framework for the business.
Key responsibilities include:
Act as focal point for all aspects of day to day compliance with data protection legislation:
- Providing advice on data protection
- Providing advice on marketing activities (email, SMS, telephone, post)
- Conducting data protection risk assessments
- Managing data subject access requests
- Identifying data processor/data controller roles and negotiating data protection terms in third party contracts
- Advising on data retention requirements
- Operating a training programme
- Monitoring compliance
- Communication and co-operation with the ICO
- Reviewing data incidents and determining relevant actions and notifications
- Applying in-depth knowledge of principles, practices and procedures of data protection to achieve the completion of complex assignments.
Establish and maintain a data protection framework for the business, including the development and implementation of policies, procedures and processes to ensure compliance with all aspects of the GDPR, including:
- Privacy Impact Assessments
- Data Subject Access Requests
- Privacy Notices
- Data retention
- External Information Requests
- Development/revision of appropriate data protection policies
- Supplier contract review
- Physical / Technical security, including establishing appropriate access controls
- Incident / Breach Management
- Maintain a network of Data Protection ‘champions’ within the organisation to assist with the collation of MI, building privacy awareness and promoting good practice across the business
- Work closely with Legal, Information Security, Marketing, Risk & Compliance and HR to ensure that all Data Protection considerations are addressed under GDPR
- Provide guidance to the Executive and Boards on GDPR as required
- Monitor ICO guidance / enforcement actions / policies
- Network with Data Protection colleagues both internal and external.
Maintain the business continuity framework for the business including:
- Own the group's Crisis Management and Business Continuity process
- Working with the business at both group and local level to maintain local business impact assessments
- Maintenance of business continuity plans for group locations, undertaking periodic risk assessments.
- Periodic business continuity testing (physical or scenario).
- Maintaining awareness of business continuity requirements, undertaking training as required
The successful candidate will be experienced in financial services and have a knowledge of compliance / regulatory risks facing a financial advice firm, including pensions and the broader financial services regulation.
- Excellent understanding of the requirements of the General Data Protection Regulation and related legislation such as PECR
- 3-5 years Data Protection and Privacy experience, preferably in the financial services sector.
- Previous experience in delivering a Data Protection strategy for an organisation would be desirable
- Familiarity with business continuity requirements and how to implement them
- Strong analytical and project management skills
- Strong communicator with proven effective interpersonal and influencing skills
Salary range is entirely commensurate with experience and will reflect the significance of the role.
Please note, should you not receive feedback within 28 days, unfortunately your application has been unsuccessful. However, we may be in touch with similar relevant opportunities.