£55K/yr to £65K/yr
Mid Sussex, England
Permanent, Variable

Data Security Compliance Officer

Posted by Lloyd Recruitment Services Ltd.

Salary: £55k - £65k
Location: East Grinstead
Benefits: 25 days' holiday plus bank holidays on top, Monday to Friday 9am-5pm, Hybrid working, Pension contribution, Life assurance, Free parking on-site, Company discounts across retail and hospitality

Purpose of Job:

The selected candidate will join a small, friendly Data Security Compliance Team and play a crucial role in maintaining focus and adherence to data protection and security compliance activities.

Principal Accountabilities:

  • Working with business stakeholders, be primarily responsible for the management, review and continual improvement of the Data Protection Impact Assessments (DPIAs) process.
  • Take primary responsibility for the end-to-end process of preparing responses to data subject requests under the UK General Data Protection Regulation (UK GDPR).
  • Enhance internal documentation and communications related to the data subject request process, ensuring clarity of responsibilities for other departments, and optimising the team's handling of requests in compliance with UK data protection legislation.
  • Collaborate with the team to develop and integrate tools for the data subject request process, including platforms like the Privacy Rights Automation module.
  • Conduct reviews of existing Data Protection Impact Assessments (DPIAs) and Legitimate Interest Assessments (LIAs), recommend improvements, and monitor the implementation of agreed recommendations.
  • Streamline in-house assessment processes and documentation, such as Data Security Checklists, Consent Checklists, DPIAs, and LIAs.
  • Manage and continually improve other assessment and accountability processes, such as Legal Basis for Processing Checklists, Legitimate Interest Assessments (LIAs) and Records of Processing Activities (ROPA).
  • Contribute to the review and potential relaunch of company-wide processes like Privacy & Security by Design, working with stakeholders and the IS Department.
  • Assist in refreshing and communicating the company's Data Security Policy set.
  • Contribute to the development of training materials, awareness campaigns, and eLearning training rollouts.
  • Support the Data Protection Officer (DPO) in communicating the importance of data security compliance across the company, including producing company communications and intranet content.
  • Tackle ad hoc challenges, find solutions for implementation, and prepare responses to general queries received by the team.
  • Represent the team and provide privacy guidance in meetings and events where necessary.
  • Attend industry events, conferences, and seminars to stay updated on the threat landscape and legislative changes.

Essential Skills & Experience Required:

  • Strong knowledge of current and upcoming UK data protection laws, including the UK GDPR, Data Protection Act 2018, and Privacy and Electronic Communications Regulations (PECR).
  • One or more recognised data protection qualifications, e.g. UK GDPR Practitioner, CIPP/E, CIPM.
  • Extensive experience in fulfilling data subject requests under the UK GDPR.
  • Familiar with information security best practice, e.g. ISO 27001, Cyber Essentials.
  • Awareness of payment card industry standards and requirements, i.e. Payment Card Data Security Standard (PCI DSS).
  • Ability to work independently and collaboratively to achieve team objectives.
  • Team experience focusing on providing guidance and advice about UK data protection law.
  • Willingness to undertake some administrative tasks to support team efficiency.
  • Excellent planning and organisational skills with the ability to manage conflicting priorities and meet tight deadlines.
  • Clear and accurate written and communication skills.
  • Extremely confident general IT skills, ideally primarily with Google Workspace and Adobe Acrobat Pro (see below), but as a minimum with the Microsoft Office / O365 software suites.

Desirable Skills & Experience Required:

  • Highly proficient and accomplished use of Google Workspace (Gmail, Drive etc), Microsoft Office (Outlook, Word and Excel in particular) and use of the redaction tools and other key features in Adobe Acrobat Pro.
  • Familiarity with payment card industry standards and requirements (PCI DSS).
  • Information security certifications such as CISSP or CISM.

Refer a friend and earn a retail voucher worth up to £500!

Unfortunately, due to high numbers of applications, we are only able to respond to shortlisted applicants. If you have not heard from us within 5 days, please assume that you have not been shortlisted on this occasion.

By applying for this vacancy, you accept Lloyd Recruitment Services' Privacy and GDPR Policy, which can be found on our website, and therefore give us consent to contact you.

Lloyd Recruitment Services are acting as a recruitment agency in relation to this vacancy and are an equal opportunities employer.
