Role - Data Security & Compliance Specialist
Contract - 6 Months
Rate - Negotiable
This is a critical role within the Information Security and Compliance team and will be responsible for effectively reviewing, developing, implementing and maintaining data security policies and procedures in line with GDPR.
You will educate the company and its employees on important compliance requirements, train staff involved in data processing, and conduct regular security audits and continually improve the ways departments and employees process data.
To be successful in this role, you should have in-depth knowledge of GDPR and local data protection laws. You should also know how to perform audits to our current procedures.
Ultimately, you will facilitate GDPR compliance and excellent data through transparent data protection policies, systems and procedures.
You will act as point of contact for all data security and processing compliance to adhere to international data privacy laws and will have ownership of Data retention and Data classification policies, ensuring they are implemented and regularly audited.
You will maintain Article 30 document of records and identify and evaluate the company's data processing activities, ensuring documents are maintained. You will also document Data Protection Impact Assessments (DPIAs) for new projects.
Data management procedures and compliance within the company will be key and you will participate in meetings with managers to ensure privacy by design at all levels, whilst continually looking to improve the ways departments and employees process data.
Audits will be performed on a regular basis and you will offer consultation on how to deal with privacy breaches, arrange training on GDPR compliance and data security for employees and follow up with changes in law and issue recommendations to ensure compliance.
Required Skills and Experience:
* Significant work experience in data protection and legal compliance
* At least one of CIPT or CIPP or CIPM certifications.
* Solid knowledge of GDPR and national data protection laws
* Knowledge of data processing operations, DPIA, Data Protection Notices and international data privacy laws
* Ability to handle confidential information
* Ethical, with the ability to remain impartial and report all non-compliances
* Management of DSAR and Data deletion requests
* Experience in providing training and awareness.