Data Protection Lead

at  Huntress

A leading research company are looking for an experienced Data Protection Lead to join their team on an initial 18 month assignment. The successful candidate will lead data protection compliance activities across all sites, all functions and all business processes in the UK and also a business unit based in the Republic of Ireland.

Responsibilities:

• Be a subject matter expert on the theory and also the practical aspects of data protection compliance within our UK&I operations.
• Facilitate and own data protection compliance across our UK&I operations, whilst enabling our businesses to deliver their aims and objectives.
• Develop and implement a risk-based action plan to achieve compliance across all functions, including human resources, finance operations, health & safety, digital marketing, mobile apps and manufacturing operations.
• Work closely with legal and HR teams, functional data protection leads and business process owners.
• Stay up to date with changes in data protection laws in the UK (post Brexit) and also within the European Union (for our Republic of Ireland operations) and provide legislative foresight and lead change management.
• Support and project manage each site and function in identifying, mapping and assessing their business processes, carry out data protection impact assessments, legitimate interest assessments and draft privacy notices. Own and coordinate implementation of controls and mitigation measures for identified risks.
• Carry out due diligence on third parties processing personal data and ensure appropriate controls are in place.
• Build and lead a data protection network across UK&I, including training functional data protection leads and business process owners.
• Manage data breach incidents and subject access requests, including training, coaching and supporting functional data protection leads.

Skills/ Experience:

• Minimum of a GDPR Practitioner Certificate
• Desirable would be Certified Information Privacy Professional Europe (CIPP/E), Certified Information Privacy Manager (CIPM) or equivalent
• Significant experience in all aspects of managing data protection compliance.
• Excellent knowledge of data protection laws (UK GDPR, EU GDPR, Privacy and Electronic Communications Regulations (PECR)).
• Experience of using One Trust (desirable)
• Practical experience of vendor risk assessments, business process mapping, risk management (including reviewing contractual clauses, data processing agreements and privacy notices)
• Analytical thinker with sound business acumen and ability to converse with a wide variety of stakeholders within diverse business areas and offer practical solutions which are targeted to the actual risks.
• Ability to translate complex legal principles into pragmatic advice, whilst striking a reasonable balance between privacy constraints and business requirements.
• Team player with an ability to build up good relationships with colleagues and eager to learn.
• Ability to work autonomously, possessing excellent organisation skills and a process orientated mindset.
• Strong communication and interpersonal skills.
• Excellent stakeholder management skills across all levels.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.
We practice a diverse and inclusive recruitment process that ensures equal opportunity for all we work with, irrespective of race, sexual orientation, mental or physical disability, age or gender. As an organisation, we encourage applications from all backgrounds and will ensure measures are met when required, to allow a fair process throughout.
PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.
Date
03/04/2024
Job Ref.

• Be a subject matter expert on the theory and also the practical aspects of data protection compliance within our UK&I operations.
• Facilitate and own data protection compliance across our UK&I operations, whilst enabling our businesses to deliver their aims and objectives.
• Develop and implement a risk-based action plan to achieve compliance across all functions, including human resources, finance operations, health & safety, digital marketing, mobile apps and manufacturing operations.
• Work closely with legal and HR teams, functional data protection leads and business process owners.
• Stay up to date with changes in data protection laws in the UK (post Brexit) and also within the European Union (for our Republic of Ireland operations) and provide legislative foresight and lead change management.
• Support and project manage each site and function in identifying, mapping and assessing their business processes, carry out data protection impact assessments, legitimate interest assessments and draft privacy notices. Own and coordinate implementation of controls and mitigation measures for identified risks.
• Carry out due diligence on third parties processing personal data and ensure appropriate controls are in place.
• Build and lead a data protection network across UK&I, including training functional data protection leads and business process owners.
• Manage data breach incidents and subject access requests, including training, coaching and supporting functional data protection leads