Data Privacy Advisor - GDPR / Data Protection

Woolf Group
18 May 2017
16 Jun 2017
Contract Type
Full Time

Currently seeking an experienced and proactive Privacy Advisor to join a well established and highly ambitious organisation in West London. This is an exciting time to join the company as they embark on an accelerated period of growth and change

• Lead on all Data Protection related matters within business and the development of a privacy strategy.

• Be the point of contact for all privacy related queries and assist colleagues in the resolution of such queries.

• Maintain the Data Protection Dashboard and have visibility of all data protection related registers and liaise with register owners to facilitate regular reporting.

• Support the team in identifying privacy and security risks and requirements to new IT projects and business change/initiatives and communicating those to stakeholders.

• Assist the Head of Information Security to prepare performance metrics and other data protection updates to the leadership team.

• Perform Privacy Impact Assessments (PIA).

• Work collaboratively with stakeholders, via the Information Security Working Group (ISWG) forum, to help embed security and privacy principles and drive good behaviours.

• Support colleagues in investigating any security incidents involving personal information.

• Support the delivery of the enterprise wide information security and privacy awareness training as well as topic based initiatives.

• Lead on and support the delivery of the GDPR Programme including:

- Engaging relevant stakeholders to facilitate buy-in, decision making and advance the programme.

- Supporting and contributing to any information and systems audits, and any data mapping exercises.

- Drafting policies and procedures.

- Rolling out the supplier assurance program, including undertaking supplier assessments and coordinating data processor contracts.

- Developing a privacy audit capability and conducting regular reviews and checks to ensure compliance.

- Delivering a programme of education and awareness around GDPR.

- Managing various GDPR projects.

• Keep track of any regulatory guidance and trends at national and EU levels, and communicate such changes to relevant business stakeholders.