Deputy Data Protection Officer (Privacy Lawyer)

We are looking for a highly experience Privacy Lawyer who is looking for a new challenge in a different direction; and who has a genuine love of data protection, can think innovatively and provide practical and commercial advice in relation to data protection Reporting to the Data Protection Officer, DDPO will provide specialist, pragmatic, regulatory and legal guidance and support to ensure that The Company has the right policies, processes, procedures and controls in place to operate in line with its obligations under UK data protection laws and regulations.

Role and Responsibilities:

• Work collaboratively with the data protection team, colleagues in Compliance, Legal and InfoSec as well as the wider business to ensure that legal and regulatory requirements / best practices relating to data protection laws and regulations are effectively identified and implemented
• Review / provide guidance on the development of compliance related policies, procedures, processes and controls to facilitate compliance with applicable laws and regulations
• Support with DSA and contractual requirements
• Work closely with the wider Risk & Compliance team to provide holistic support to the business
• Facilitate the identification, investigation management and resolution of compliance related issues
• Prepare relevant compliance reporting to meet both internal and external regulatory requirements
• Engage with 1st / front line operational business teams to inform and advise The company and our employees about our obligations to comply with data protection laws and regulations
• Monitor compliance with the UK- GDPR and other data protection laws, and with our data protection policies, including managing internal data protection activities and conducting compliance reviews
• Ensure that The Company remain properly registered under the law and maintains an active article 30 register of processing activities, driving audit and associated data management processes
• Manage data privacy breaches or near misses, support the identification of the root cause, mitigation's and monitor implementation to prevent recurrence
• Work with the business to implement compliance with data protection laws and regulation into its transformation programme
• Oversee the subject access request process and individual rights, identify and evaluate our data processing activities

Requirements for the role:

• Excellent understanding and knowledge of UK data protection legislation & regulatory regime, with a proven history of working in the field of data protection (including e.g. ISEB/CIPPE qualification)
• 5 + years of subject matter expertise in providing compliance support for data protection compliance including a proven track record in carrying out monitoring reviews
• Previous experience in a B2C environment with large customer data sets, including marketing
• Demonstrable experience in the application and implementation of Privacy by Design and Default, conducting Data Privacy Impact Assessments and independent assessment of data breaches
• Strong communication and interpersonal skills are essential; a people person skilled at building and maintaining relationships both internally and externally as well as managing key stakeholders
• Ability to work collaboratively with relevant stakeholders to plan, organise and prioritise activities to efficiently meet business objectives
• Work well under pressure, be flexible and comfortable with ambiguity and manage several tasks at the same time working to tight deadlines

Preffered:

• A recognised data protection qualification.
• Proven track record in supporting a large-scale transformation in relation to data protection requirements

Should you be keen on the opportunity - please send your CV to:

Cordelia.DuPlessis@projectpeople.com

Should you not hear back from us within 2 weeks, please consider your application as unsuccessful.

Project People is acting as an Employment Agency in relation to this vacancy.