Data Protection Manager

11 Jan 2018
16 Feb 2018
Contract Type
Full Time

Data Protection Manager
Contract: Permanent / full time
Based: Scunthorpe
Salary: Competitive + benefits
Reports to: Financial Controller

Job Purpose: Establish, build, lead and manage the day to day activities of Data Protection & Information Governance to ensure Nisa’s ongoing compliance with current and future data protection regulations, and industry good practice.

Job Overview: The Data Protection Manager will be responsible for defining the Data Protection strategy & improving Nisa’s information governance framework. This will involve working proactively with the DPO, the IT Security function and wider business to implement a culture of data protection, including development of the ongoing internal training programme, and business process improvement.

Job Knowledge:
• Previous experience within Data Protection compliance field, able to demonstrate strong understanding of upcoming GDPR and PECR legislation
• Commercial background, able to assess business risk appetite vs compliance
• Monitoring changes in Privacy and Data Protection laws and regulations to ensure company adoption and compliance
• Strong understanding of risk management practices and their application
• Serve as Nisa’s subject matter expert on all Privacy and Data Protection laws and regulations
• Excellent communication skills - confident and articulate communicator liaising with both internal and external stakeholders
• Building effective relationships
• Ability to work pro-actively, be results oriented, self-driven and to work independently
• Reporting and presentation skills for communicating Privacy and Data Protection risks, risk mitigation measures and compliance activities to key stakeholders and senior management
• Good general IT skills including Word, Excel, PowerPoint and Visio

Specific Areas of Work:
• Maintain a central document management system of all data protection and governance policies and supporting control documents
• Ensure that the policies required as part of the Data Protection & Governance Framework are maintained, executed and complied with
• Work with the business and IT stakeholders to ensure that business processes, systems/applications and procedures are effective in meeting the current and future data protection legislation
• Develop a risk-based programme of ongoing data compliance, approved by the DPO and applicable internal governance committees
• In partnership with IT Security, appoint and manage Business Data Owners, ensuring that they comply with agreed processes and procedures to maintain the ongoing level of data integrity
• Manage the Subject Access Request (SAR) process, ensuring that SARs are legally compliant and of appropriate quality
• Maintain Nisa’s definition of 'lawful basis for processing’, including carrying out Privacy Impact Assessments as and where required
• Act as the central point for Nisa to co-ordinate and report all data breaches to the DPO in accordance with regulation and legislation
• Provide regular KPI / reporting to the DPO, and in turn the Nisa Board, to enable appropriate management of data governance and compliance
• Responsible for co-ordinating any external investigation from the Information Commissioner’s Office (ICO) or governing authority on behalf of the DPO
• Work with the IT Security Team and Human Resources to develop Nisa’s ongoing training programme to ensure that employees understand and comply with their duties under data protection law
• Deputise for the DPO at key meetings as and when required

Preferable Experience:
• Experience of the Retail sector
• Recognised qualifications in Data Protection (such as CIPP/E, CIPT, CIPM)

Personal Attributes:
• Objective and willing to challenge the status quo
• High degree of self-motivation, self-discipline and enthusiasm to succeed
• Self-starter and results orientated
• Strong degree of ownership & accountability
• Excellent attention to detail & persuasive writing skills
• Ability to inspire trust, influence others, promote collaboration and intra team working
• Ability to manage multiple priorities

In order to apply for this role, please click 'Apply' to continue your application. Please ensure you include details of your current remuneration package.