Salary - £50k + Bonus + Company Benefits
My client is a diversified international food, ingredients and retail group operating in 50 countries. Whilst some companies claim to be ‘the best thing since sliced bread’, this company actually are! In the 1930’s they introduced sliced bread to the UK for the first time.
Reporting to the Head of Governance Risk & Compliance (GRC), the Privacy Lead has responsibility for the ongoing management of a number of key controls which support the overarching governance, risk and compliance objectives of the group with specific regards to data privacy.
This role is focused on the definition, implementation and maintenance of controls and other provisions that support compliance with the EU General Data Protection Regulation 679/2016 and UK Data Protection Act 2018, as it applies to the role of the Group as a data controller and data processor.
You will support ongoing tactical efforts or initiatives that address the requirements of any internal privacy policies/objectives which are aligned to the framework that underpins the group’s compliance with GDPR. Work with the wider team to maintain a validated and assured position as to how all relevant privacy requirements are specifically met, in the role of the group as a data controller and data processor under GDPR.
You will ensure that any new or changed systems, platforms or processes are assessed to identify whether a Data Protection Impact Assessment (DPIA) is required (or to be updated) and provide guidance to operational teams in carrying out DPIA’s. Maintain a register of DPIA’s and instances where a decision was taken to not complete a DPIA.
The following experience, skills and personal characteristics will be key to success in the role:
- Good understanding of the privacy risks, issues and controls associated with IT systems, networks and applications that are commonly encountered within a large global organisation.
- Extensive experience of risk management principles as they relate to privacy, applied within a large global organisation.
- Good understanding of the role that privacy plays in the effective delivery of Supplier Assurance activities throughout the delivery and operational lifecycle, applied within a large global organisation.
- Experience of overseeing routine compliance activities in support of legislative, contractual or industry standard objectives, primarily associated with compliance under GDPR.
- Experience of project delivery processes/methodologies and the role that privacy plays in ensuring that privacy is built in to design and delivery activities.
- Proficiency in performing risk assessments, data protection impact assessments and in defining appropriate risk treatment strategies as required.
- Ability to establish effective working relationships across the local and wider IT/Business community with demonstrable examples of driving privacy initiatives.
- Strong understanding of the impact that privacy requirements can have on the business.
- Previous experience of working with legal, audit and compliance teams.
- Strong team building, leadership, motivation and communication skills to work as an effective member of the GRC team.
- Ability to undertake research/analysis/due diligence into technical issues, products, suppliers etc. and provide well thought out, user-friendly responses.
- Ability to prioritise and execute tasks in a fast-moving, service oriented environment and make sound decisions, occasionally under pressure and/or in emergency situations.
This is a very exciting opportunity to join a FTSE 100 company, please contact Sarah-Jane on 01908 886037 for further information