Data Protection Specialist

Data Protection Specialist required by our market leading, award winning professional services client. This is a remote role with a maximum of 1-2 days a month onsite in Central Bristol (7-8 minute walk from Temple Meads Station). The Data Protection Specialist will work closely with the Data Protection Officer (DPO) in leading stakeholders across multiple teams in the implementation of data protection compliance activities. The Data Protection Specialist will help to drive privacy by design throughout the organisation and be responsible for coordinating activities with regards to privacy and governance related matters as directed by the DPO or the Risk Director.

The Data Protection team is a part of the Risk and Compliance function, the Data Protection Specialist will work in a small team responsible for ensuring regulatory compliance and embedding a culture of learning and continuous improvement so that our client can demonstrate the highest possible standards to their clients, regulators, and other key stakeholders.

Main Responsibilities:

• To work proactively as a Data Protection subject matter expert, promoting best practice and developing policies and procedures to support this.
• To manage from first notification through to completion of all low to medium risk rated personal data breaches or incidents concerning impact and severity; including drafting written responses to regulators, clients or customers and reporting and communication with stakeholders within the business.
• To document business practices in the GDPR risk register and to ensure that recommendations are issued as necessary to ensure that risks are mitigated effectively.
• As part of a small team, you will be the first port of call in supporting the smooth running of the DP team’s data protection best practice ethos, by championing the highest levels of customer care and providing a responsive, high-quality service to colleagues across the business.
• To provide specialist advice and recommendations across a range of data protection topics including individual rights requests, data breach management, DSARs (Data Subject Access Requests) and external data sharing practices within and outside of the UK.
• To lead on advice and instructions on how to conduct and complete Data Protection Impact Assessments (DPIAs) and Legitimate Interest Assessments (LIAs) exercises.
• To create and maintain documentation that provides evidence of regulatory compliance based on the accountability principle and the GDPR risk register with little supervision.
• To assist the DPO on all aspects of data protection compliance when collaborating with Internal Audits to ensure that robust policies, procedures and controls are in place, meet the business needs and are effectively implemented.
• To develop the Data Protection Champions (DPC) network by working with key stakeholders in relevant teams and functions within the business.
• To perform quality control on the records of processing activity from each function to ensure consistency and alignment with relevant business policies and practices.

Required Background:

• Substantial recent experience of managing data protection and information rights functions within a large regulated organisation or professional services company.
• Excellent knowledge of data protection laws (UK GDPR, EU GDPR, DPA (Data Protection Act) and practices.
• Accredited qualification like a professional diploma in data protection and governance or hold at least one Data Protection and/or Privacy certification such as, CIPP, CIPT, ISEB/BCS. Consideration will also be given to experienced data protection professionals with three – five years’ experience in a data protection/privacy role.
• Educated to degree level
• Ability to handle confidential information.
• Ability to identify any compliance gaps and problems, undertake analysis, challenge poor practices diplomatically and make effective recommendations through pragmatic solutions.
• Ability to quickly establish personal credibility and to develop and maintain effective stakeholder’s relationships, including working with people with differing perspectives and agendas.
• High degree of IT literacy, with excellent experience of using Microsoft Office (Word, Excel, Outlook, PowerPoint). Excellent document and formatting skills for reporting.
• Knowledge and understanding of equality and diversity and what this means in relation to this post and the ability to incorporate this into all aspects of work.
• Good knowledge of best practices in information security and new technology practices.
• Ability to manage workload independently and autonomously when required by the DPO.

This fantastic role comes with a basic salary of £47,500-50,000 p/a and on top of the bespoke training package, comes with the following benefits: A performance related bonus, remote working, annual salary review, 25 days holiday (which will increase to 30 days based upon length of service), private medical insurance, pension and many more.

Apply for this role: