Taylor Root are pleased to be working with a well-known professional services firm to recruit a Group Data Protection Officer who will also act as the Group Head of Compliance. The business is one of the most recognisable brands in their sector and has exciting plans to expand into new markets. Our client is globally listed with revenues in excess of one billion USD and has operations in over 20 countries.
Reporting to the Group General Counsel, you will lead the development of the Company's Compliance Programme, setting and building out the framework for managing the business integrity risk areas and acting as the company's subject matter expert for data privacy laws and regulations for the company, providing direction, guidance and advice to all the subsidiaries within the group.Key responsibilitiesData Protection
· Act as DPO and providing data protection subject matter expertise
- Draft and update data privacy policies, procedures, processes and controls suitable for the Group, in line with applicable data privacy laws and regulations, including the GDPR.
- Serve as the primary point of contact and liaison for the Information Commissioner and other EEA Data Protection Authorities and the organisations designated representative in Europe on all data protection related matters under the UK GDPR and other relevant legislation.
- Working cross-functionally to resolve individual privacy compliance issues/questions and investigations, assessing causes, developing and recommending corrective actions.
- Develop and implement the global Ethics and Compliance Programme Framework ('Programme')across the Group, including areas including but not limited to data protection, ABC, competition, speak up, conflicts of interest, modern slavery and sanctions and export controls
- Lead the strategic direction and growth of the Programme in line with the changes, development and strategy of business operations to ensure the success of the company.
- Conduct regular ethics and compliance risk assessments throughout the company.
- Working with Procurement on the company's third-party due diligence and risk assessment programme.
- Facilitate and support the company's whistleblowing line process.
- At least 8+ years post qualification in law, finance or a related discipline.
- Expert knowledge of key aspects of privacy laws in the EU and other countries, including the US. Particular expertise in national and European data protection laws and practices and an in-depth understanding of the GDPR
- Extensive experience of implementing data protection programmes across a large organisation.
- Experience of developing compliance programmes in a globally recognised organisation.
- Knowledge and understanding of key compliance legislation including the UK Bribery Act 2010, the US Foreign Corrupt Practices Act, the UK Proceeds of Crime Act 2002, GDPR, UKDPA
- Strong stakeholder management and influencing skills with the ability to communicate effectively in writing and verbally with a wide range of audiences -from the Board to the broader organisation