We are recruiting for a GDPR Manager to work for a company based in central Swindon. This is a hybrid role that will be based in the office and working from home. Salary is £39,748, full time, 37 hours a week.
- Responsible for monitoring and managing the Freedom of Information, Data Protection, and Security mailbox
- To investigate incidents and data breaches
- Escalating risk in a timely manner, but presenting risk with possible solutions for discussion, not being lead.
- Manage and oversee the initial acknowledgement and triage of all information rights requests, working with relevant business units to complete evidence gathering and investigation, and response/resolution within required deadlines
- Provide regular reporting on information rights and assurance to stakeholders as required
- Provide analysis, address and follow up on key areas where improvements are needed to address the cause of data breaches
- To resolve Freedom of Information, Data Protection queries and requests, engaging with the Head of role as appropriate.
- To manage and deal with escalations and complex requests
- Drafting NDAs, MOUs, data sharing, contracts and other agreements
- Ensuring appropriate agreements and contractual terms are in place with organisation, individuals, suppliers that may have access to sensitive information to protect data
- To assist with developing information assurance policies and procedures
- Undertake the management of data breaches/incidents for commercial data and reporting
- Work with teams to ensure that Information governance is on the minds of all staff and that appropriate refresher training is in place, along with robust induction procedures.
- Ensure staff training records in relation to mandatory training sessions are accurate and up to date
- Build and maintain excellent working relationships with key external stakeholders
- Deputise for the Head of Information Assurance & Complaints in their absence, in all matters relating to Information Rights and Assurance. Providing cover for other colleagues in the team during sickness and long term absences.
Essential skills required
- Demonstrable experience of multi-tasking, prioritising and working proactively to deliver at high quality and pace against multiple priorities.
- A demonstrable willingness to keep up to date with best practice and wider developments in information management and complaints handling
- Experience in complex organizations, preferably public sector, and interaction with internal and external stakeholders at all levels
- Experience in writing clear briefs
- Previous information rights handling experience
- Ability to solve complex requests and incident handling, thinking strategically and with risk in mind
- Experience of working closely with senior strategic roles, to influence future decisions and contribute to shaping process/policy where there is scope to do so
- Experience of formulating new ideas and putting them into practice in relation to incident process to improve governance and risk management
- Experience of successfully leading on information rights request in line with legal and regulatory requirements and best practice in a large, complex organizational environment
- Full appreciation and a good understanding of information management and data legislation, particularly the Freedom of Information Act 2000, Environmental Information Regulations and General Data Protection Regulations.
- Experience of handling casework in these areas
- Development and review of contractual documentation and privacy terms and conditions
- Delivery of training and staff awareness events
We are looking for candidates who are degree or have equivalent experience and a professional qualification in Data protection, GDPR, Freedom of Information, Information Assurance and/or Information Management (practitioner level).
Permanent, Full Time
- Industry Sector Other