Data Protection Associate - Shrewsbury, United Kingdom - Cyber & Data Protection Limited

Description

• Provide client and internal support in the following areas:
• Guidance on the handling of Data Subject Access Request (DSAR).
• Assistance in the completion of Data Protection Impact Assessments.
• Security incident or Data Breach notification assessment support.
• Compliance policy overview and guidance with template support.
• Guidance on related Regulatory Legislations and proposed changes.
• Assistance and guidance with internal 3rd party procurement process.
• Advisory support for ad hoc Data Protection and compliance queries.

• Support the delivery of the requirement as per defined under Article 39 of the GDPR.
• Risk assessment and advise in relation to incidents and breaches where supervisory authority notification may be required.
• Risk assessment and advise in relation to incidents and breaches where Individual Data Subject notification may be required.
• Advisory and feedback on Compliance Agreement Documentation (e.g. DSA) to support Supplier / 3rd party risk assessment.
• Assistance in the completion of risk assessment, risk mitigations and approval / sign off of Data Protection Impact Assessment.
• Assist with Scoping assessment to determine the current client's organisational health in relation to the Data Protection Compliance requirement.
• Contribute to the creation of Roadmaps, to assist, direct and drive the organisation to meet their legal obligations and standards.
• Scoping assessment outcome using RAG status to allow for highrisk area of deficits to be addressed hence reducing risk landscape.
• Policy, procedure. Standards and guidelines review / update in line with a control framework for documentation audit and in line with current legislations.

• An indepth knowledge of data protection laws within the UK (UK GDPR).
• An ability to think strategically, assess risks and explain the potential consequences.
• Experience in drafting policies, interpreting legal contracts and report writing.
• Confident presentation skills.
• Attention to detail.
• Sufficient commercial awareness to understand, manage and navigate client expectations.
• Project management skills to successfully manage a portfolio of clients with competing priorities.
• Excellent communicator at all levels, ability to deliver a clear message to a wide variety of audiences.
• Ability to challenge the status quo in a constructive manner.

• Hands on IT and/or Cyber security in an operational capacity
• Stakeholder management (working with 3rd parties and/or external vendors)
• Data Protection related roles, 3 years (preferred)

• Excellent knowledge of IT infrastructure, cyber security and ISO certifications
• Specific knowledge of the Large Third Sector, Legal, Financial, Manufacturing and Engineering and Private Education sectors.
• Awareness of other worldwide data protection laws.
• Stakeholder management; able to compel individuals toward an optimal solution.

• Company pension
• Flexitime
• Onsite parking
• Work from home

• Flexitime
• Monday to Friday

• Yearly bonus

• For the interview please be prepared to conduct a short presentation. With the proposed changes through the Data Protection and Digital Information (No. 2) Bill, the government has now delivered its muchanticipated consultation outcome essentially a shopping list of what the Data Reform Bill will and will not seek to amend when it comes to data protection, cookies and privacy law in the UK. During the interview we will ask you to present what you think the 5 key changes are, what they could potentially mean for our clients, and how you would advise them to prepare.

• Shrewsbury, SY1 3EH (preferred)

• Shrewsbury, SY1 3EH: Relocate before starting work (preferred)

• 25% (preferred)