General Data Protection Regulation (GDPR) Lead
Europe’s leading e-Infrastructure and Network provider requires a General Data Protection Regulation (GDPR) Lead.
This is a senior position responsible for leading preparations and readiness for 'go-live’ of the new GDPR. This includes corporate and regulatory compliance, administrative functions, and risk management, related to the organisation, backbone network systems, and broader community information GDPR and regulatory matters.
- Accountable for ensuring compliance with all related privacy and data protection regulations;
- Be involved, properly and in a timely manner, in all issues that relate to the protection of personal data;
- Maintenance of relevant registrations and build excellent working relationships with the UK ICO, Dutch DPA and such other DPAs and European Agencies as may be appropriate or desirable;
- Provide a best in class Data Protection and Privacy information hub and consultancy service and across the community. Ensure the company maintains its position at the centre of Data Protection and Privacy advice, best practice and information brokering;
- Accountable for maintenance and implementation of the action plans that derive from compliance activities;
- Lead on the resolution of data protection complaints from the public and staff. Lead on all requests from individuals, and own the means to capture, process and close such requests.
- Cooperate with and act as the contact point for the relevant supervisory authority on issues relating to processing and consult, where appropriate, with regard to any other matter.
In addition to the above you will carry out such other duties as may reasonably be required.
You will be required to travel within Europe in this role, and may occasionally be required to travel outside Europe.
Qualifications, experience and knowledge:
- The role is expert in, and requires the ability for interpretation of specific regulation and legislation (Data Protection Act, General Data Protection Regulation, Privacy and Electronic Communications Regulations, legislation/regulation and guidance), relating to the way in which the organisation and wider community holds and uses information, personal data, including customer propositions and products, and to the supply, sales and delivery of those to customers.
- Bachelor's degree in a related field
- Significant experience in a large, complex environment with primary focus of activities in regulatory compliance and risk management
- Strong execution focus
- Broad and current understanding of security risks and controls
- Demonstrable experience of working closely with IT/IS functions to establish pragmatic/optimum security solutions to identified risks
- Proficient in taking complex/technical subject matter and refining/presenting to the business at any level so as to result in understanding and appreciation
- working knowledge of ISO 27001, Data Protection and other regulatory environments
- ITIL V3, CobiT, COSO, ISF
Cambridge or Amsterdam