Location
About the job
Job summary
DBT supports UK businesses to grow, create jobs and take advantage of the global appetite for British goods and services, as well as to assist international companies to collaborate with UK suppliers. We are based in Whitehall but also have offices both across the country and around the world.
KIM play an important role within the Department for Business & Trade. It is imperative that systems and procedures are in place so that material is held securely, and knowledge is not lost and procedures are sustainable to ensure that information is managed, controlled and exploited.
We are seeking a Data Protection Risk Assurance Manager who will lead on key areas of work in the Data Protection Team. The successful candidate will play a lead role in promoting data protection compliance across DBT and manage/lead on complex data protection assurance activity.
The Data Protection Team sits in the KIM Team. Key KIM functions and responsibilities/ownership include information management, governance, organisation transparency, freedom of information, data protection and records management.
This is opportunity for the right candidate to develop within a high performing team. The successful applicants will play a key role in supporting the Head of Data Protection (and DPO) as they inform and advise DBT on data protection obligations under UK GDPR.
Job description
DBT’s Data Protection Team has recently expanded, and you will play a pivotal role in supporting organisational compliance.
You will play a lead role in the Data Protection Risk Assurance Team which sits alongside the Data Protection Compliance Team and Data Protection Advocacy Team under the Head of Data Protection / Deputy DPO. You will work closely with another Senior Data Protection Advisor.
You will be assisting with the implementation of UK GDPR compliance into ‘business as usual’ activities in DBT, leading on major assurance activity in the department. You will play a key role in performing complex/high-profile Data Protection Impact Assessments (DPIAs), engaging effectively with project leads and key stakeholders to identify and mitigate compliance risks.
You will play a lead role in developing organisational compliance and will be a knowledgeable source of expertise for the wider business.
Data Protection Risk Assurance Manager
This is a high-profile role requiring regular interaction with senior leadership. You will be directly supporting the KIM Head of Data Protection in delivering the KIM Data Protection Strategy. You will also:
- Provide expert, well-structured and detailed advice and guidance to colleagues about their obligations under data protection legislation, ensuring a quality level of service is provided in the timely and expert identification of risk and proposal of appropriate mitigations.
- Provide team leadership in managing Data Protection Risk Assurance Advisers in their work as part of DBT’s Information Risk Assurance Process, serving as a key contact with personnel in the process, and personally performing DPIAs on complex and high profile projects.
- Liaise with internal/external stakeholders to advocate DPIA processes, seeking engagement from key partners and maintaining channels of communication with key personnel.
- Support initiatives to build-upon and enhance privacy-by-design features within assurance processes.
- Manage key compliance activity, including skilled drafting of privacy information, contract reviews and establishing data-sharing agreements/MoUs.
- Assist the Deputy DPO and serve as a key source of expertise within the team.
- Assist with the implementation of GDPR compliance into ‘business as usual’ activities. You will help to implement and support organisational policies and processes with handling data to ensure adherence with data protection law and DBT policies, developing the capability of the team in its assurance role.
- Hold responsibility for developing the RoPA within DBT’s Information Asset Register, building the tool into a reliable data inventory.
Person specification
The successful candidate will:
- Be an enthusiastic individual who is able to work collaboratively with other team members to deliver high quality work in a pressured environment.
- Possess strong written and verbal communication skills, and the ability to confidently engage with teams and stakeholders across DBT.
- Show good attention to detail.
- Possess excellent organisation and time management skills.
- Show resilience under pressure, delivering to tight deadlines.
Essential Criteria:
- Experience of or a demonstrable understanding of information management, data protection and the associated legislation.
- Advanced knowledge of the Data Protection Act provisions, including Data Protection Impact Assessments (DPIA) and applying the necessary criteria effectively.
- Proven track record of subject matter expertise; providing advice & guidance on data protection legislation queries.
- Experience of managing a wide range of stakeholders, and of positively influencing colleagues that are not under direct line management, including senior stakeholders.
Desirable criteria:
- Practitioner Certificate in Data Protection or equivalent experience (a Data Protection Qualification is not mandatory in applying for the role though the successful candidate may be required to undertake further appropriate training as necessary).
- Relevant professional qualification or equivalent extensive experience in a dedicated Information Governance, Security, Privacy or Data Protection management and / or compliance role.
Behaviours
We’ll assess you against these behaviours during the selection process:
- Communicating and Influencing
- Delivering at Pace
- Making Effective Decisions
- Working Together
Technical skills
We’ll assess you against these technical skills during the selection process:
- Data Protection knowledge
Benefits
- Learning and development tailored to your role
- An environment with flexible working options
- A culture encouraging inclusion and diversity
- A Civil Service pension with an average employer contribution of 27%
We recognise the challenges that people with (multiple) protected characteristics may experience on the job market and in their career progression. We are fully committed to being an inclusive employer and ensuring equal opportunities. We are keen to make our workforce as diverse as possible, and we hope to attract applications from underrepresented groups, including ethnic minorities, people with a disability, and people with gender diverse identities
Please refer to the attached candidate pack for further information on our benefits.