Our client, a reputable financial services company require two mid-senior level data protection advisers/consultants to support their GDPR Programme Lead (also the GDPR SME) in ensuring the Group is prepared for compliance with the EU GDPR.
In particular, this will involve assessing the documented data processing environment and data flows against the requirements of the GDPR (and other applicable laws) to identify gaps and guide the business in addressing these.
- In-depth knowledge of EU GDPR and UK data protection laws, good practice, and the Regulator's approach
- Significant experience advising specifically on data protection/GDPR requirements from a legal or compliance perspective
- Must have had responsibility, with minimal supervision, for assessing, monitoring and/or auditing products/services/processing activities for compliance with data protection/GDPR laws and regulations
- Have worked with colleagues from all over the business, including IT professionals, to find practical, risk-based solutions to DP/GDPR compliance
- One adviser must have solid legal contracts experience i.e. identifying DP/GDPR risks and issues, defining controller/processor roles, advising on required due diligence standards and procedures, and reviewing necessary contractual terms and processing "instructions" (covering both the legal requirements and commercial liabilities flowing from the GDPR). Experience from both data controller and data processor perspectives highly advantageous.
- Involvement in designing, building, and embedding a privacy risk framework
- Experience working within a lending or wider retail financial services environment, or at least a strong understanding of the operational and regulatory environments of organisations within these industries
Skills & Knowledge
- Can translate complex DP/GDPR concepts and principles into meaningful and relevant information, and communicate these effectively
- Clear understanding of, and appreciation for, good governance, record-keeping, and audit trails
- Highly organised and methodical in approach
- Robust, yet flexible, in managing relationships and own workload
- Confident working with senior leadership/executives, and able to challenge effectively
- Comprehensive understanding of UK Data Protection and EU GDPR laws and good practice
- Must be prepared to offer pragmatic, risk-based options and recommendations
If you are interested in one of these two GDPR Consultant roles and have the relevant skills and experience then please apply now.