Description
We have an urgent requirement, on behalf of our global IT client, seeking x2 experienced Data Protection and Privacy Consultants who will hold the prime responsibility for ensuring data protection by design and by default and that there are appropriate control frameworks and processes in place for Data Protection and Privacy within each client business environment. In addition, the successful Consultant will enhance maturity and aid compliance with legal, regulatory and commercial obligations.
This is an initial 2-3 months contract and due to the nature of the project, the successful candidate will be required to undergo a basic security vetting check.
The nature of what the client's Data Protection and Privacy Consultants do is highly specialist and consequently required appropriately trained and seasoned consultants who have experience of time on the ground delivering such services. The role is focused on providing consultancy and delivery of analysis and advisory services to clients in all Data Protection and Privacy related matters and aligning business processes and projects with associated laws, regulations and commercial obligations.
The position is to orchestrate and assess the privacy maturity (data protection by design) of client offerings, solutions and/or services and provide independent oversight, support risk remediation in relation to regulatory and commercial privacy requirements through:
Advising on and enhancing the data protection and privacy maturity of enterprise-wide client environments.
Defining and advising privacy vision, locating gaps, developing security architecture and creating a prioritized roadmap for privacy maturity.
Providing expert advice on selection, design, implementation and operation of Privacy controls and Privacy-enhancing Technologies.
Advising clients on the development and implementation of Privacy policies, processes & support infrastructure
Assessing where required that Privacy assurances to regulatory bodies are accurate, up to date and regularly reviewed. Supporting the creation of governance structures for Data Protection and Privacy maturity within client environments. 2 DPP Privacy L6
Supporting a management control structure to support client business compliance with country-specific data protection and privacy legislation.
Working with clients to ensure correct submissions are made to regulatory bodies where required.
Working with the client to run inventory audits of personal data held within a client in order to support Data Protection & Privacy processing activity assurances;
Facilitating the delivery of Data Protection and Privacy Threshold and Data Protection Impact Assessment and risk analysis and develop appropriate mitigation processes and control framework
Supporting the closure of preventative and corrective actions identified in Data Protection and Privacy Impact Assessments
Work with clients to develop and implement Data Protection and Privacy governance plans.
Supporting reviews of 3rd party contracts for and assurance of Data Protection and Privacy clauses in contracts and privacy notices/statements.
Working with client in reviewing systems, procedures, processes and providing expert guidance to ensure on-going alignment with Data Protection and Privacy obligations.
Essential skills and experience:
- At least 5+ years in a Data Protection and Privacy related role
- Detailed knowledge of privacy and associated data protection laws and regulations including, but not limited to, UK Data Protection Act 2018, the EU General Data Protection Regulation and associated legislation
- The ability to perform audits, assessments and analysis and a working knowledge and understanding of regulatory risk, particularly with regards to data governance and privacy.
- Seasoned experience and practical application and delivery of privacy & data protection programs
- Knowledge of sector-specific privacy obligations such as healthcare, finance etc.
- Detailed knowledge of global data transfer mechanisms and controls.
- Knowledge of Cyber and Information Security principles, methodologies and frameworks.
Qualifications:
Must have at least one of the following:
- IAPP or BSI
- Certified Information Privacy Manager - CIPM Certified Information Privacy Professional Europe - CIPP/E
- Certified Information Privacy Professional US - CIPP/US
- Certified Information Privacy Technologist - CIPT BCS/ISEB
- Certificate in Data Protection
- Data Protection Practitioner