Data Protection Officer
Our client is large international retail organisation looking to recruit a high calibre and transformational Group Data Protection Officer to drive the data protection, GDPR and privacy agenda within a highly transformational and matrixed corporate landscape. The role requires a pragmatic individual with a commercial mindset, and an agile yet methodical approach.
- Creating, implementing and maintaining an appropriate data protection and privacy compliance programme
- Driving improvements across the existing GDPR programme
- Ensuring the business is prepared for any new legal and regulatory developments relating to data protection and privacy
- Escalating and reporting to senior management including Board / Audit Committee members
- Monitoring and managing adherence to relevant compliance controls, policies and procedures
- Managing and documenting personal data breaches and making reports to the ICO and/or other regulators
- Ensuring organisation-wide awareness and delivering appropriate training
- Act as ultimate contact point internally and externally for all matters with respect to data protection and privacy
- Leading and directing the DPO support team across the business
- Overseeing data protection impact assessment activities and reviewing/approving associated risk treatment plan
- Minimum of 10+ years of specialist data protection experience
- Transformation/change management experience.
- previously held the DPO role within a FTSE or listed business - £1bn+ revenues.
- Broad International experience (20+ countries) within a matrixed organisation
- Retail, consumer experience is preferred.
- Developed, implemented and enhanced data protection compliance programmes
- Experience in conducting a risk-based audits and monitoring including experience in quantifying, managing & mitigating risk
- Partnered with digital and data teams
- Expert knowledge of data protection law and practices
- Best practice understanding of Information Security and Data Governance practices
- Managed key messages to the Operating Committee and Board Members
- Managed external Comms both directly and indirectly.
- Experience of managing controls in systems that collect and process personal data including sales and marketing and HR systems
- Strong Crisis response management experience.
- Previous legal background is an advatnage.
Key relationships and stakeholders
- Deputy General Counsel
- Company Secretary
- Chief Digital and Data Officer
- Head of Regulatory Team and other Legal teams
- Head of Business Continuity
- Head of Internal Audit
- Relevant Operating Committee member
- Compliance owners and managers across the business
- HR Director
The role is positioned to pay up to £140,000 base plus bonus and benefits.