Product Features
Blog
Contact Us
Sign In
MERJE Ltd
,
Newport, Gwent
Data Protection Manager
|
|
Job Type: Full-time |
|---|---|
|
|
Salary: £60,000 per annum |
Overview
This is a critical role for the business and will take accountability for ensuring the Data Protection Framework is robust and in line with industry peers. The role reports to the DPO and is essential in ensuring that the business complies with the relevant data protection laws, in particular GDPR, and highlighting any potential and actual issues to the appropriate management up to and including the Board. The Data Protection Manager will lead in providing assistance and guidance on all data protection related matters under the GDPR to all staff within Target. This role will ensure that all the required records and processes relating to data protection and data privacy are in place and regularly reviewed and gaps addressed. Key responsibilities include: Managing data protection and data privacy risks as defined and understood in the Enterprise Risk Management Framework Working with key internal stakeholders in the review of projects and the related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments Monitoring changes to local privacy laws and making recommendations to the DPO and relevant Risk Committees when appropriate Collaborating with the Risk and Information Security functions to maintain records of all data assets and exports, and maintaining a data security incident management plan to ensure timely remediation of incidents including impact assessments, security breach response, complaints, claims or notifications, and responding to subject access requests (SARs) Ensuring that the business processes and IT systems/procedures comply with all relevant data privacy and protection law, regulation and policy (including in relation to the retention and destruction of data) The Person: Sound knowledge of Data Protection Legislation Significant experience in Data Protection and Privacy practices Significant experience in Information Security within the business and technology Data Protection and/or Privacy certification, e.g. CDPO, CIPP, CIPM, CIPT Information Security certification, e.g. CISSP, CISM