Data Protection Manager (DPM)
Based: Hybrid anywhere in the UK with occasional travel to Blackburn and Milton Keynes
Purpose of the role:
Reporting to the Head of Compliance (HoC), the DPM will be responsible for facilitating the management of all aspects of Data Protection to the organisation
Specific areas include, but are not limited to regulatory compliance (ICO) and Data Protection (UKDPA/GDPR)
This is a high profile role. The DPM will embed themselves in key business areas, adopting a business partner approach to provide both advisory inputs and proactive monitoring of Data Protection risk as part of new initiatives and day to day operations.
Key Responsibilities:
Working closely with the HoC you will:
Design, implement and manage proportionate Data Protection oversight
Support the HoC and Leadership team on embedding a Data Protection aware culture
Horizon scan to increase knowledge and awareness of Data Protection risks affecting the business
Ensure compliance with regulatory obligations whilst taking a commercial and practical approach to regulatory based challenges and offer appropriate solutions
Continual drive for enhanced efficiency and customer outcomes in all processes
Ensure HoC and senior management remain informed of regulatory, legislative and best practice changes and their obligations under these changes and how they impact thebusiness
Provide regular reports to HoC, Leadership team and other relevant stakeholders detailing any current issues or information as required
Provide support, education and training to staff
Take ownership of SAR management
Provide expert advice and guidance on data subject privacy rights and data protection risks (GDPR).
Manage the day to day support initiatives to the business, identifying GDPR compliance initiatives.
Collaborate with Group DPO office to ensure successful delivery of GDPR requirement's.
Management of general Privacy Office functions including, Subject Access Requests; Data Protection Impact Assessments; Data Breaches; Vendor Assessments & Data Subject rights.
Provision of proactive and practical regulatory advice
The person:
An experienced Data Protection manager with a proactive and pragmatic nature. Compliance and Data Protection within Marshalls is a key department and seen as a business enabler, therefore the ideal candidate will have a can do mind set and a curious nature focussing on what we 'can do' within our regulatory perimeter rather than base advice solely on regulatory statements.
Competencies:
Strong Data Protection knowledge (UKDPA & GDPR) and experience of operating in this space
Relevant automotive finance experience would be ideal
Practical and commercial approach to problem solving
Knowledge and experience of defining and assessing controls
Experience of influencing behaviours at all levels of the organisation
Proven track record of delivering enhancements to process efficiency
Ability to produce and present effective presentations and training sessions.
Qualifications:
A Data Protection qualification is desirable but not essential balanced against relevant experience.