Data Protection and Compliance Lead
About the Role
We seek an experienced professional to lead data protection, compliance, and risk management functions. The successful candidate will have relevant experience implementing best practice frameworks.
Responsibilities
* Manage Data Privacy & GDPR impacts across the organization, manage Subject Access Requests and Data Privacy Impact Assessments, map Data Processing Activity, and provide support in assessing risks within business units.
* Provide training and audit of compliance with GDPR.
* Act as the company's Data Protection Officer.
* Develop and manage a comprehensive Risk and Compliance Framework and plan with the corporate risk management team.
* Conduct risk assessments in head office, retail, and digital operations to identify areas of highest risk, with projects designed to manage and control the relevant environment.
* Manage the company's Risk Register.
* Ensure adherence to all relevant regulations, including data protection, advertising standards, consumer regulations, environmental codes, and ethical standards.
* Complete assigned projects in line with agreed scope and objectives.
* Develop and maintain the regulatory framework and compliance program on an ongoing basis with key stakeholders.
* Develop policies and procedures in consultation with stakeholders to ensure ongoing compliance with legislation and best practice in the regulatory environment.
* Take part in regulatory reviews with the CFO, Heads of Departments, and legal representatives.
* Manage GDPR/Data Protection obligations and reporting. Provide support to teams, advising on impact and adherence to relevant legislation. Offer general legal support as needed.
* Manage the Business Continuity Plan (BCP) for the organization.
* Develop and provide training for staff on their regulatory obligations. Enhance awareness and skill levels in these areas.
* Analyze data across departments to assess the effectiveness of the compliance/risk management framework and address deficient controls and non-compliance with legal requirements and/or company policies.
* Advise management on risk mitigation strategies and design of internal controls.
* Prepare accurate, comprehensive reports detailing any breaches, findings, and recommendations from audits, for relevant managers and the Executive Management Committee.
Your Profile
* Minimum 5 years' experience in a data protection, compliance, or similar regulatory role.
* Industry or professional services firm experience in a similar role.
* Qualification in data protection law or general legal qualification.
* Experience acting as Data Protection Lead.
* A clear understanding of the importance of the Compliance & Risk function.
* Able to identify key tasks and prioritize effective execution.
* Experience in implementing a risk-based compliance plan.
* Project management skills.
* Excellent interpersonal and communication skills, both written and verbal.
* Ability to think strategically, prioritize effectively, and balance competing deadlines and stakeholders.