Group Data Protection Officer - London, United Kingdom - IQ-EQ

IQ-EQ
IQ-EQ
Verified Company
London, United Kingdom

2 weeks ago

Tom O´Connor

Posted by:

Tom O´Connor

beBee Recruiter
Description
Company Description

IQ-EQ is a leading Investor Services group which combines global expertise with an unwavering focus on client service delivery. We support fund managers, global companies, family offices and private clients operating worldwide.


Job Description:


The Group is committed to achieving and maintaining compliance with data protection regulatory requirements and operating in line with industry best practice and the evolving expectations of regulators, clients and other key stakeholders.

The DPO is responsible for overseeing the Group's compliance with data protection regulations across all jurisdictions globally, with the aim of ensuring that all jurisdictions' processes are in accordance with policy and best practice.

As a member of the Group Risk and Compliance Department, the DPO ensures that privacy risk is adequately considered in line with other enterprise risk management practices.

Tasks (what does the role do on a day-to-day basis)

  • Design and deliver the Group's data protection compliance strategy.
  • Maintain the Group's data protection and privacy framework including a Data Protection Policy, privacy notices, impact assessments, etc.
  • Perform the role of the formally assigned Data Protection Officer where necessary across jurisdictions; act as a key contact for data protection matters for all stakeholders (staff, supervisory authorities and relevant third parties) across all locations globally.
  • Oversee all aspects of legal compliance with data protection regulation, including the ownership of a crossborder compliance monitoring program and the management of Data Protection Impact Assessments ("DPIAs").
  • Promote a culture of compliance across the group through the development and maintenance of a data protection training programme.
  • Complete delivery of the Group's Privacy Management System project and then serve as owner of the platform ensuring appropriate adoption and ongoing use across jurisdictions.
  • Serve as a data protection authority on Group projects including outsourcing initiatives, technology implementations, marketing engagements, etc.
  • Support the management of data protection incidents including data breaches and complaints in a timely and appropriate manner in line with regulation and internal policy.
  • Ensure timely processing and record keeping of individuals' requests in relation to their data protection regulatory rights, such as Subject Access Requests ("SARs").
  • Form collaborative working relationships with key persons in the business and guide a network of data protection leads/champions across jurisdictions and business lines.
  • Manage the relationship with the Group's Lead Supervisory Authority as well as authorities in other jurisdictions as required, and ensure that all necessary registrations are maintained as appropriate.
  • Assist in the creation and maintenance of inventories, registers and data maps used within the business to establish relevant processing activities.
  • Monitor changes in data protection laws which may impact any of the operating jurisdictions and ensure that such changes are appropriately implemented within the business.
  • Ensure that data protection risk is appropriately reported and escalated through the Group's established governance channels including the Group Information Security Committee and the Group Risk & Compliance Committee.
  • Serve as an independent escalation point for regional/business unit compliance officers and teams for any matter identified as requiring escalation into and/or enhanced support from Group.

Qualifications:


  • Extensive and indepth knowledge of GDPR and national and European Data Protection legislation is vital, together with a working awareness of complimentary regulations such as ePrivacy regulations, Human Rights Act, Privacy and Electronic Communications Regulations.
  • Understanding of technology and information security is required, in addition to a basic knowledge of the organisation and in particular the industry sector.
  • Ideally the role holder will be a certified data protection practitioner with strong experience (minimum 510 years) in a compliance/data protection environment with multijurisdictional considerations.
  • Experience leading on data protection issues within a substantial and complex organisation is required.
  • Proven ability to positively influence others and to deliver behavioural and cultural changes within a large organisation.
  • Demonstrable experience in identifying, setting and adjusting strategic priorities in a changing environment.
Required Experience

Education / professional qualifications

  • 5+ years of privacy and data protection experience.
  • Relevant industry certification (e.g. CIPP, CIPM, etc.) is desirable.
Background experience

  • Recent experience of working in a similar capacity, preferably in a financial services organisation.
Technical

  • Excellent knowledge of methodologies, processes and tools associated with
More jobs from IQ-EQ
See all jobs of IQ-EQ