Data Protection Specialist

Key responsibilities will include:

• To work proactively as a data protection subject matter expert within 2nd line, promoting best practice and developing policies and procedures to support this.
• To provide expert knowledge in all data protection assurance and recommendations across a range of data protection and governance topics, such as individual rights requests, data breach management and data sharing.
•  Management of GDPR-based incidents, with assessment using the Data Breach Impact Assessment Tool, and creation of a working party to manage any data breaches as part of a breach response. To lead the investigation and any remediation actions, including documenting via the risk and compliance tool for managing risk across the business and assisting the DPO in identifying any that are reportable to the ICO within 72 hours.
• Manage Data Subject Rights requests and co-ordinate information gathering and response within the regulatory time-frame of 1 month.5
• Identifying areas of improvement in local practices, relevant to managing data protection.
• Ensure business compliance with ICO’s Accountability Framework.
• Maintain an inventory of all processes and systems in the business containing personal data (the Record of Processing Activity) with completion of the Process Inventory and the System Asset Register and liaising with Data Governance.
• Support the Data Governance Committee, taking the lead of action monitoring, note-taking and administration.
• Represent a key stakeholder in Enterprise Design Authority (EDA), and as a key decision point in the Change Framework (HDF).
• Provide assistance and guidance to the business, in particular Change projects for the completion of the Process Inventory, Record of Processing Activities, Data Protection Impact Assessments and any Legitimate Interest Assessments and Appropriate Policy Documents required, monitoring their performance pursuant to Article 35.
• Ensure Data Owners and Data Stewards are aware of their responsibility to remain compliant in their respective areas via 1-2-1’s, directed by Data Protection Specialist.
• Managing our data protection awareness and communications programme, ensuring timely and accurate data protection information is provided across the organisation. In particular, the development and provision of training, as appropriate for targeted/company-wide consumption.
• Representing the DPO across analytical groups & business areas to provide advice & support on data infrastructure, data integrity, quality, and privacy, as a single source of truth and expert in the first line. Advising of system recommendations and technical approaches to maintain controls / validation.

Please be aware that should we pursue your application, all our Financial Services employees will be expected to complete background checks to assess suitability for employment, these include; a criminal record, identity, media, sanctions, adverse finance, fraud prevention and reference checks to comply with our regulatory requirements.

Hodge is an advocate of being an equal opportunities employer, We believe in promoting equality and diversity which is central to our lives today. We welcome applications from all sections of the community and recognises the value a diverse workforce brings to an organisation.

ESG and sustainability are at the heart of everything we do and serves as a reminder of the responsibility we have to our stakeholders, customers, colleagues and the communities we operate in to use our position wisely. We’re currently exploring different certifications available and have done an initial review of how we think we’d fare, as we see this as a real opportunity for Hodge given our social purpose.