Data Protection Officer - Oxford, United Kingdom - Ellison Institute of Technology

Ellison Institute of Technology
Ellison Institute of Technology
Verified Company
Oxford, United Kingdom

3 weeks ago

Tom O´Connor

Posted by:

Tom O´Connor

beBee Recruiter
Description

Salary Range:
£60,000 - £80,000, dependent on experience

Location:
Central Oxford

Contract:
Permanent

Hours:
Full-time

Reports to:
Director, Legal

Our Mission
Please visit for more details.


We are a mission led, start-up, rapidly scaling company and seek a Data Protection Officer to help build out our data and DPO function from the ground up.

We are committed to ensuring that all of our data is protected and that our work complies with data protection legislation.

The DPO will improve our management of potentially sensitive information, conduct regular internal security audits, and serve as the main point of contact between The Ellison Institute of Technology (EIT) and data protection authorities.

The Data Protection Officer (DPO) plays a crucial role in safeguarding data privacy within our organisation.

They are responsible for educating employees about data compliance, training staff involved in processing data, and conducting regular security audits.

Additionally, they serve as the primary liaison between our company and relevant data protection authorities.


Duties/Responsibilities:


May include some or all of the following:

  • You'll lead the establishment of robust data protection processes, including Data Protection Impact Assessments (DPIAs), Data Processing Agreements (DPA), and a comprehensive risk register.
  • Conducting a thorough audit of our current data handling practices, you'll identify areas for improvement and develop benchmarks to ensure compliance with data protection regulations.
  • To provide expert, strategic data protection, advice and leadership to ensure compliance with Data Protection legislation. Advising and informing the organisation and its employees of their obligations pursuant to current Data Protection legislation and on the appropriate disclosure of personal Information.
  • To manage the investigation and response to personal data breaches and data security breaches in accordance with EIT policies.
  • To develop and manage EIT's processes for responding to access to information requests; taking steps as required to ensure that compliance adequately satisfies the requirements of the statutory code.
  • To lead the development of policies, protocols, training and guidance in connection with Information Compliance issues.
  • To manage Information Compliance related content on the EIT web site and internal intranet.
  • To represent EIT as a member or leader of working groups, project teams, etc; regionally, nationally and within EIT to address Information compliance issues affecting EIT and its partners.
  • Working closely with crossfunctional teams, you'll create essential documentation, policies, and procedures to guide data protection practices across the organisation.
  • Provide practical advice to the business on a broad range of data protection related matters.
  • Assess risk and ensure regulatory deadlines are met.
  • Develop the Data Protection compliance monitoring programme for Data Protection across the Group, working collaboratively with the business.
  • Ensure Privacy by Design requirements are met and privacy risks are managed.
  • Lead, support and participate in working groups that promote privacy and provide ongoing support across the organisation.
  • Deliver training and awareness of Data Protection across the Group.
  • Develop existing Policy Documentation, Processes Notices and Procedures and related practical guidance.
  • Keep up to date with the latest changes in applicable legislation, industry news and guidance.
Any additional duties or tasks, as requested by leadership, commensurate with job role.


Person Specification

Essential Knowledge, Skills and Experience

  • Knowledge of current/proposed UK privacy and data protection legislation (including the Data Protection Act, UK General Data Protection Regulation and Human Rights Act).
  • Prior experience in data protection, privacy law, or information security is essential for this role.
  • Demonstrated expertise in conducting DPIAs, developing DPAs, and maintaining a risk register.
  • Practical experience operating within a Data Protection role, demonstrating the capacity to manage activities within both project lifecycle and departmental BAU compliance environments.
  • Experience of translating Data Protection legislative requirements into pragmatic and practical advice.
  • Must have worked in either a startup or rapidly scaling business.
  • Expert knowledge of UK data protection law.
  • Practical experience of two years or more in developing and implementing data protection related policies, processes and procedures as part of a privacy program.
  • Experience in working collaboratively with project teams to ensure Privacy by Design and Default requirements are being met.
  • Able to provide riskbased, considered and practical advice to the business on a broad range of Data Protection related matters.
  • Ability to handle confidential information with integrity and impartiali
More jobs from Ellison Institute of Technology
See all jobs of Ellison Institute of Technology