Director, Global Privacy Compliance & Data Protection Office (Exclusive Appointment)

  • Location

    United Kingdom

  • Discipline:


  • Job type:


  • Salary:

    £100,000 to £115,000 + Benefits

  • Consultant:


  • Email:


  • Job ref:


  • Published:

    almost 2 years ago

My client is long established and well regarded and occupies a niche in the field in which it operates, serving customers in commercial, consumer and industrial markets all over the world.

They are currently looking for an individual to undertake this exciting and varied role, reporting to the CFO and European Managing Director where you will be based from home but working with colleagues globally across the different countries in which they operate in.

 Key responsibilities include:

  • Inform, advise and issue recommendations to the employer regarding privacy compliance in the regions in which the organization does business with particular emphasis on GDPR compliance requirements
  • Develop and coordinate a risk management and compliance framework for privacy
  • Conduct comprehensive review of the company’s data and privacy projects and ensure they are consistent with corporate privacy and data security goals and policies
  • Develop and manage enterprise-wide procedures to ensure the development of new products and services is consistent with company privacy policies and legal obligations
  • Establish a process for receiving, documenting, tracking, investigating and taking action on all complaints concerning the organization’s privacy policies and procedures
  • Oversee, direct, deliver and ensure initial and on-going privacy training
  • Establish internal privacy audit program
  • Develop and manage procedures for vetting and auditing vendors for compliance with relevant privacy, data security policies and legal requirements
  • Advise the controller/processor regarding DPIAs
  • Maintain the record of processing operations under the responsibility of the controller as one of the tools enabling compliance monitoring, informing and advising the controller or the processor
  • Document all decisions taken consistent with and contrary to DPO’s advice
  • Establish Incident and Breach Response and Notification program.  Offer consultation once a data breach or other incident has occurred

The Person:

  • Extensive experience in data protection program management in multi-national corporations
  • CIPP/E, CIPM certifications highly desirable
  • Expertise in global, national and European data protection laws and practices and an in-depth understanding of the GDPR
  • Demonstrated leadership and project management experience
  • Sound understanding of and familiarity with information technology programming and infrastructure, and information security practices and audits
  • Experience at operating and contributing at both strategic and operational level
  • Ability to communicate effectively with the highest levels of management and other key stake-holders within the organization across national boundaries and cultures
  • Highly developed influencing and interpersonal skills
  • Be creative and possess great problem-solving skills
  • Work with high integrity, respect and professional ethics
  • Be able to operate in a fast paced and dynamic environment
  • Must be a team player

Given the role is home based, you must be self-motivated and a strong decision maker with an ability to work in a standalone role.  Despite the global remit, you are unlikely to be travelling extensively as part of the role with an expectation that you will visit each region once a year.

Salary is entirely commensurate with experience but will reflect the significance of the role.

MERJE have been instructed exclusively on the role.

Please note, should you not receive feedback 28 days, unfortunately your application has been unsuccessful. However, we may be in touch with similar relevant opportunities.