New permanent opportunity based in East Grinstead working for a leading organisation...
Morgan McKinley's Sussex team are looking for an experienced Data Protection - Privacy Officer to join their team. This is working for a very well established and reputable business based in East Grinstead, West Sussex. The main purpose of the Data Protection Officer role is to monitor data protection, data security and payment security compliance activities in focus and on track.
Working hours: 35 hour working week, Monday to Friday 9-5
Salary: £45,000 per annum plus excellent benefits
Duties and responsibilities will include:
- Provide advice and guidance on data protection requirements
- Working with key business stakeholders, conduct reviews of existing Data Protection Impact Assessments and develop new ones where necessary, recommending improvements to achieve compliance and reduce risk, and ensuring the delivery of any agreed recommendations
- Manage other in-house assessment processes, such as Data Security Checklists, Legal Bases for Processing Checklists and Legitimate Interest Assessments
- Take responsibility for the development and maintenance of registers such as Data Protection Privacy Notices and Records of Processing Activities
- Review and relaunch Privacy & Security by Design, working with business stakeholders and the IS Department as necessary
- Collate data and prepare responses to data subject requests, such as subject access requests and erasure requests, as well as requests from other organisations, such as law firms, law enforcement or government departments
- Design and implement a Data Security Compliance Champions programme across the business to build awareness and promoting all aspects of data privacy and security
- Contribute to the development and execution of training materials, awareness campaigns and training
- Write articles for company communications as well as guidance for the intranet presence
Skills and experience required for the Data Protection Officer role:
- Proven experience working in a similar Data Privacy or Data Protection type role
- Strong knowledge and understanding of UK data protection law, e.g. General Data Protection Regulation (GDPR), Data Protection Act 2018, Privacy and Electronic Communication Regulations (PECR) etc.
- Excellent experience of fulfilling data subject requests and other requests involving personal data
- Clear and accurate written and communication skills
- A recognised data protection and/or information security qualifications, e.g. GDPR Foundation or Practitioner, CIPP/E, CISSP, CISM
- Awareness of information security best practice, e.g. ISO 27001, COBIT and awareness of payment card industry standards and requirements, e.g. Payment Card Data Security Standard (PCI DSS)
- Excellent planning and organisation skills with the ability to manage conflicting priorities while meeting tight deadlines
Morgan McKinley is acting as an Employment Agency and references to pay rates are indicative.
BY APPLYING FOR THIS ROLE YOU ARE AGREEING TO OUR TERMS OF SERVICE WHICH TOGETHER WITH OUR PRIVACY STATEMENT GOVERN YOUR USE OF MORGAN MCKINLEY SERVICES.