My client, an International Financial Services firm with a base in London is looking to appoint a Data Protection specialist, to lead as an SME on data privacy initiatives and compliance for the firm.
A global business with offices in multiple cities around the world, my client hosts their main European office here in London. The Data Protection Specialist will be based in the London office.
The Data Protection Specialist will:
- Provide advice on data protection compliance risk.
- Design and manage a data protection monitoring programme designed to assess compliance with the business' data protection policies.
- Maintain up to date, the GDPR Risk and Control Logs.
- Develop and maintain records of all personal data processing activity, including the assessment of the lawful basis for processing.
- Review policies and procedures to ensure these remain GDPR Compliant, as well as ensure all operational aspects meet compliance in execution.
- Conduct Data Protection Impact Assessments for all relevant projects, product launches and other change initiatives.
- Manage all queries or requests from data subjects including subject access requests.
- Work with Legal, Vendor Management and Information Security to assess new vendors from a data protection perspective and put in place appropriate data protection contractual clauses.
- Maintain the business' Privacy Notice and manage distribution to data subjects.
- Develop and manage an effective data protection training and awareness programme designed to ensure that all staff are adequately trained on and are aware of compliance requirements.
- Contributing to horizon-scanning activities to ensure readiness for upcoming changes in laws and regulations, research and analysis on developments in privacy law.
- B.A./equivalent required.
- 3-5 years of experience in a compliance/legal function.
- Must have 3-5 years hands-on operational experience of data protection & privacy.
- Knowledge of national, European and Global data protection laws and practices including but not limited to an in-depth understanding of GDPR
- Experience of managing other security, data or risk regulatory frameworks with a security focus would be an advantage.
- Experience designing and managing compliance training programmes.
A comprehensive basic salary and financial services package