Data Protection Officer

Be the first to see
all new Data Protection Officer jobs

Data Protection Officer Job Description Template

Our company is looking for a Data Protection Officer to join our team.

Responsibilities:

  • Responding to any ad hoc Data Protection queries raised by the School;
  • Leading the response to Data Breaches and Data Rights Requests; including communicating with Data Subjects and Regulators;
  • Creating contemporaneous reports of the issues found in the assessment and recommended actions to resolve said issues;
  • Management of any data privacy breaches, working to identify root causes, mitigate risks and prevent reoccurrence;
  • Ensuring there are appropriate documented procedures for complying with the requirements of the policy and regulation;
  • Leading privacy-related education and training initiatives;
  • Identifying and conducting assessments, and embedding best practice across the Group;
  • Leading on the creation and ongoing review of data-related policies and standards, on effective implementation, monitoring and reporting;
  • Hands on collaboration at scale using Agile working models and frameworks;
  • Developing and overseeing the implementation of Data Protection Policy in line with regulatory requirements;
  • Horizon scanning on privacy topics and ensuring business readiness;
  • Contribute to team development, scaling, efficiency and improvement;
  • Ensuring there is a process for complying with a data subject’s rights to be forgotten, when they exercise them;
  • Ensuring appropriate training is provided to all staff in order that they can comply with the policy and GDPR requirements;
  • Building and managing relationships with internal and external stakeholders, including data regulators and auditors.

Requirements:

  • Well-developed and professional interpersonal skills; ability to interact effectively with people at all organisational levels;
  • Ability to undertake large, long-term projects, develop alternative methods to complete them, and implement solutions;
  • Education: Law degree or Masters in Law required;
  • Sufficient knowledge of information technology and data management systems required;
  • Ensuring there is a process for complying with a data subject’s rights to be forgotten, when they exercise them;
  • Ensuring appropriate training is provided to all staff in order that they can comply with the policy and GDPR requirements;
  • Challenging the business on their effectiveness and control environment in managing personal data;
  • CIPP/E/M Certificate or equivalent recognised professional standard;
  • Strong change and project management skills, including the ability to manage time well, prioritise effectively, and handle multiple deadlines;
  • Ensuring there are appropriate documented procedures for complying with the requirements of the policy and regulation;
  • Excellent presentation and writing skills;
  • familiarity with cloud software security systems;
  • happy speaking to, and influencing at, C suite and board level;
  • International travel will be required;
  • Ability to use independent judgment and discretion when making the majority of decisions.