Data Protection Officer
Our client is a flagship Welsh not-for-profit organisation currently seeking a GDPR Data Protection Officer.
This is a high profile role providing assurance to the Board, customers and other stakeholders that they continue to meet their legal obligation on Data Protection issues. Working as part of the in-house Compliance Team, set up by the Chief Executive, you will play a key role in enhancing our culture of compliance. You will provide essential advice, guidance and support to colleagues within the business to help ensure we all live up to our values.
This is a permanent role with the opportunity to develop and progress your career. A flexible approach to travel is essential for this role. They offer a competitive salary and benefits package.
The role will include:
- Developing and implementing a risk based GDPR Compliance Action Plan
- Being the first point of contact for enquiries from colleagues across the business on Data Protection issues and providing them with appropriate advice and guidance
- Working closely with members of the Legal team, IT Teams and other data governance functions
- Playing a key role in enhancing a culture of compliance with Data Protection, and implementing essential elements of the GDPR, within the business
- Reviewing and where required updating data protection policies, procedures and processes to ensure they reflect current legislation, guidance and best practice
- Developing training for the business on data protection and campaigns to build awareness
- Providing guidelines to contractors and third parties that use Company assets or company information
- Reviewing contracts with data implications and advising on drafting
- Assisting colleagues with internal compliance with the GDPR (including analysing processing activities and issuing recommendations; maintaining their register of processing activities)
- Continually keeping up to date with latest regulations around data privacy and summarising the impact to the organisation both internally and externally
- Drafting an annual report of the DPO's activities for submission to the Audit Committee
- Providing advice to the business in relation to Data Protection Impact Assessments (including whether to carry out a DPIA, methodology to use, and safeguards to mitigate any risks identified)
- Acting as the contact point for the Information Commissioner's Office in relation to processing activities
- Experience in data protection or related role
- A good understanding of data protection and security best practice
- Knowledge and understanding of the current national and European law on data protection and the new requirements under the GDPR
- Excellent written and verbal communication skills with the ability to communicate and influence with confidence and clarity at all levels
- Ability to provide sound, practical and timely advice and guidance that considers both legal obligations and the needs of the business
- Experience of designing, developing and conducting training programmes
- Ability to assimilate information quickly and translate into easily understood communications
- People focussed with good interpersonal skills, relationship development and facilitation skills and with the ability to gain and sustain credibility with internal and external stakeholders
- A self-starter with a can do attitude and an excellent team player
- Ability to work effectively to objectives with confident prioritisation skills, sound analytical skills and particular attention to detail and accuracy
- Ability to deal with confidential and sensitive issues and information
- A high level of professional ethics, integrity, discretion and honesty
- Enthusiastic and passionate about doing a great job
- Access to transport for travel to various sites
For more information, please contact Sarah Boxall at Chadwick Nott.
Chadwick Nott Ltd is acting as an Employment Agency in relation to this vacancy.