Senior Manager, Information Security and Data Protection

  • Location


  • Discipline:


  • Job type:


  • Salary:

    £70,000 - £80,000 + Benefits

  • Consultant:


  • Email:


  • Job ref:


  • Published:

    almost 3 years ago

Our client is a leading financial services’ business who are currently recruiting for an individual to take the lead in providing expert advice and the promotion of data protection compliance/ information security and best practice in setting and maintaining standards and procedures across the Group.  The role reports to the Chief Risk Officer.

Key Responsibilities:

  • Design and implement a Data Protection governance framework with a reporting line to the Chief Risk Officer and the Executive Board.
  • Develop and manage the Group’s Data Protection policies, ensuring procedures and controls are up to date and monitor their implementation.
  • Design and act as SME on a working group made up of relevant business representative to monitor issues, their resolution and delivery of consistent communications relating to Data Protection and information security.
  • Define and arrange delivery of Data Protection and security awareness training for all employees. This includes delivery and accreditation to technical specialists and maintaining awareness of Data Protection developments and changes and disseminate new rules/regulations to staff.
  • Facilitate the identification of Data Protection risks, threats and mitigation.
  • Analyse and report to EXCO member and regulators on types of Data Protection and Information security breaches and investigate their root causes and action plans for resolution.
  • Advise on all elements of processing Data and on the requirements and implications of local Data Protection laws.
  • Act as SME and sign off authority in relation to Data Protection for product and procedural changes and development.
  • Influence and manage the relationship with external regulatory bodies to ensure a strong compliance ethos throughout the organisation.
  • Liaise and work collaboratively with the Financial Crime Officer to ensure the group adopts a unified and consistent approach to the protection of personal data and financial crime.
  • Act as business partner to Technology for IT security related risks.
  • Work with IT security to provide challenge and support for IT security related risks.
  • Provide constructive feedback and challenge to Technology and Continuity, DR and incident management on incident management procedures.

 Key Requirements:       

  • Expert knowledge and understanding of the Data Protection Act 1998, Data Protection Bill and GDPR and its implementation.
  • Awareness of Fraud, AML, CTF and sanction legislation, regulations and guidance.
  • Broad knowledge and understanding of FCA principles and rules applicable to the General Insurance marketplace.
  • Relevant experience in managing a data assurance, risk, compliance/legal or audit function in UK financial services.
  • Strong negotiating and influencing.
  • Confident and articulate verbal and written communication.
  • Extensive cyber security and information security experience. 

Salary is commensurate with experience but will reflect the significance of the role