We are seeking a Data Protection Analyst to take responsibility for ensuring adequate oversight of data, governance and ensuring the firm remains compliant with internal policies and the data protection regulations that apply across the Carey Olsen Group, and to carry out data protection related tasks as directed by the Information Risk Analyst or Group CISO.
The Data Protection Analyst is a junior to mid-level role that sits within the Group Information Security and Data Protection team.
This role can be based in one of our Guernsey, Jersey or Southampton offices.
​

• Assist with the coordination of the Group’s data protection activities.
• Analyse data processes and flows to identify potential risks and countermeasures.
• Provide the first point of contact for recording and coordinating the response to reported data breaches, escalating as needed.
• Assist with the monitoring and provide reporting that evidences compliance with data protection laws, group security controls, and internal operating procedures of any outsourced data processors.
• Support the development, implementation, and maintenance of data protection policies, procedures, and controls, and advise on data protection and privacy risks.
• Provide advice and support to business stakeholders regarding data protection impact assessments.
• Assist with the onboarding and assessment of third-party providers and sub-processors.
• Support the timely processing of data subject access requests.
• Assist with the coordination of an awareness program for the Group and its employees to facilitate adherence to relevant data protection regulations.
• Maintain records of all data processing activities undertaken by the Group, including the rationale and purpose of all processing activities, which must be made public on request.
• Ensure effective internal communication to facilitate ongoing employee engagement.
• Collaborate with technology and other business teams to maintain appropriate data privacy practices.
  ​