Data Protection Manager, Compliance (Top Law firm)
Data Protection (Compliance ) Manager
£60,000 + Bonus + bens
Manchester or Leeds
A leading UK Top 100 law firm known for its strong reputation for its 'investors in people' and with a network of offices across the country are now expanding their Compliance, Quality and Risk department. Therefore, this newly created Data Protection Manager role has arisen to join their ambitious team. The role can be based either in Manchester Leeds, Northampton or Birmingham.
The role itself:
Quality and Risk is at the heart of everything that this law firm do and is in line with their strategic goals to develop and grow. The Q&R Directorate works across all offices and is fully supported by the Chief Executive, the Compliance Officer for Legal Practice and senior management. The Directorate helps and supports everyone in the firm to ensure that the firm meets all of its regulatory and legislative objectives and ensure that risk management processes are embedded into the firm’s culture.
We are seeking an additional subject matter expert who will be instrumental in helping this firm achieve their team and firm objectives. Ideally, you will have a proven track record in advising, managing and delivering solutions across compliance and risk matters. More specifically, detailed knowledge of Data Protection Act (DPA) and the General Data Protection Regulation. Knowledge of the SRA rules, the Law Society of Scotland rules, Money Laundering Regulations 2017, the Proceeds of Crime Act 2002 and FCA rules would be an advantage.
The preferred candidate will have a passion for compliance and thrive in working with complex and at times demanding matters. This will suit a commercially minded compliance expert with a passion in delivering exceptional service across all levels
- Maintains, reviews and oversees the whole firm Data Inventory (DI), in liaison with Information Security
- Coordinates Subject Access Requests across the business.
- Coordinates data destruction requests (Client/Customer/Employee).
- Coordinates data portability requests.
- Coordinates change requests i.e. Privacy Notices/Customer Information Notices.
- Coordinates Data Breaches and assists with resolution and actions.
- Reviews Privacy Impact Assessments to ensure the firm are undertaking these as required.
- Undertakes root cause analysis of data breaches and incidents and resultant best practice actions.
- Have oversight of regulatory development in data protection and leading the change requirements across the business.
- Undertake relationship management with the Information Security team.
- Identify Data Protection education and training requirements in liaison with Learning and development and the firm’s Practice Groups.
- Monitoring of data protection activity across the firm, including where appropriate floor walking and identification of potential breaches.
- Previous legal sector experience and an understanding of practice groups are preferred
- Experience and understanding of SRA rules
- Experience and understanding of FCA rules
- Proven experience of working at a senior level within a risk and compliance environment within professional services
- Experience and understanding of Data Protection Act and the GDPR
- Experience of managing processes and assisting in project delivery.
- Experience of writing clear policies, processes and procedures in plain English
- Experience of dealing with multiple requests and coordination across the business
Please send in your CV for more information on this opportunity.