GDPR Consultant

Posted 8 March by The Northview Group Easy Apply

The GDPR Programme requires two (2) mid-senior level data protection advisers/consultants to support the GDPR Programme Lead (also the GDPR SME) in ensuring the Group is prepared for compliance with the EU GDPR. In particular, this will involve assessing the documented data processing environment and data flows against the requirements of the GDPR (and other applicable laws) to identify gaps and guide the business in addressing these.

The roles will require a comprehensive understanding of UK Data Protection and EU GDPR laws and good practice, as well as how they can be applied and managed. Both advisers will be engaged in all aspects of the GDPR, including educating/training GDPR team members and the Business. We are not looking for someone who dictates the rules from a distance; (s)he must be prepared to offer pragmatic, risk-based options and recommendations.

One adviser will have a particular focus on Third Party Relationships, working closely with procurement and business colleagues to risk-assess all relevant third party arrangements, review the status of contract compliance, and support the Group in devising a commercial and legal strategy to bring existing relationships/contracts in line with the GDPR, as well as assist with the creation of new policies and procedures for future engagement and monitoring of relevant third parties.

Experience Requirements

In-depth knowledge of EU GDPR and UK data protection laws, good practice, and the Regulator’s approach

Significant experience (min 5 years) advising specifically on data protection/GDPR requirements from a legal or compliance perspective

Must have had responsibility, with minimal supervision, for assessing, monitoring and/or auditing products/services/processing activities for compliance with data protection/GDPR laws and regulations

Have worked with colleagues from all over the business, including IT professionals, to find practical, risk-based solutions to DP/GDPR compliance

One adviser must have solid legal contracts experience i.e. identifying DP/GDPR risks and issues, defining controller/processor roles, advising on required due diligence standards and procedures, and reviewing necessary contractual terms and processing "instructions" (covering both the legal requirements and commercial liabilities flowing from the GDPR). Experience from both data controller and data processor perspectives highly advantageous.

Involvement in designing, building, and embedding a privacy risk framework

Experience working within a mortgage or wider retail financial services environment, or at least a strong understanding of the operational and regulatory environments of organisations within these industries

Skills & Knowledge

Can translate complex DP/GDPR concepts and principles into meaningful and relevant information, and communicate these effectively

Clear understanding of, and appreciation for, good governance, record-keeping, and audit trails

Highly organised and methodical in approach

Robust, yet flexible, in managing relationships and own workload

Confident working with senior leadership/executives, and able to challenge effectively

Can think strategically, as well as deal with the details

An understanding of information technology

Required skills

  • Data

Reference: 34351364

Bank or payment details should not be provided when applying for a job. is not responsible for any external website content. All applications should be made via the 'Apply now' button.

Report this job