Data Protection Officer (DPO)

Data Protection Officer (DPO)

Project: Ness Corporate
Number of openings: 01

 

Job purpose

To be the lead officer and expert on Data Protection matters, focusing on the 2016 EU General Data Protection Regulations (GDPR).

The DPO will ensure that sound policies, procedures and systems are in place so that Ness Digital Engineering can demonstrate compliance with the GDPR.

 

Principal Accountabilities / Key Responsibilities

  1. Advice/consultative role to the Senior Management
  • Ensure that the company is aware of and complies with Data Protection (DP) law, best practice and any case precedents, interpreting law changes into practical policies and procedures.
  • Identify, test and improve controls on the confidentiality, integrity and availability of personal data.
  • First point of contact for enquiries from staff on data protection and subject access requests, providing them with appropriate advice and guidance
  1. Compliance (Achieving and monitoring compliance including any remedial measures)
  • Draw up a DP policy from the GDPR regulations, with focus to new concepts and terminology and changed nuances of DP law, (e.g. right to be forgotten, data portability, additional new types of personal data, explicit consent).
  • Working closely with colleagues, render the DP policy into operational procedures for customer-facing staff to use.
  • Undertake proactive work and enforcement measures that promote good DP working practices and compliance with GDPR requirements.
  • Create registers as required by legislation
  • Carry out DP audits and spot-checks to monitor compliance.
  • Ensure subject access requests are responded to within prescribed timescales.
  • Deal with complex and difficult DP complaints, including appeals.
  1. Documentation
  • Design the documentation needed for use with the procedures, e.g.
  • DP Impact assessments.
  • Privacy notices
  • Subject access requests
  1. Supervisory authority relation management
  • Act as the prime contact for, and maintain engagement with, the national supervisory authority.
  • Design and maintain incident and breach/data loss management processes.
  • Maintain registration details and other legislative requirements.
  1. Third parties
  • Examine agreements for third parties who process the personal data of employees to ensure compliance with the new regulations.
  • Work with legal representatives to ensure that information-sharing with partners/suppliers is lawful and falls under appropriate protocols and codes.
  1. Risk
  • Ensure that managers are aware of the risk element of GDPR implementation, including monitoring through the Risk register.
  • Maintain a risk assessment process for personal data including DP Impact Assessments.
  1. Training
  • Design and carry out training programs to achieve compliance, e.g.

o Detailed, practical training for customer-facing staff.

o More general GDPR awareness training for other staff.

  • Carry out on-going DP and privacy training to maintain awareness.

Qualifications: GDPR Certification

 

Skills

  • Excellent communication and interpersonal skills.
  • Customer focus
  • Ability to build and maintain effective relationships at all levels of the organisation
  • Prioritizing and multi-tasking effectively to meet deadlines
  • Ability in developing policies and procedures in clear, non-technical language
  • Passion for service excellence and continuous improvement
  • Solution oriented
  • Self-driven
  • Ability to deal with confidential and sensitive issues responsibly and with discretion.
  • Ability to work on own initiative with minimal supervision.
  • Ability to map data flows

 

Experience and knowledge

  • Experience in data protection and legal compliance
  • Solid knowledge of GDPR and national data protection laws
  • Good understanding of computer systems, databases
  • Experience of managing application projects.
  • Experience of creating training programs
  • Practical experience of working in an IT team on data and application system projects.
  • Ability to handle confidential information
  • Work experience in data protection and legal compliance is a plus
  • Ethical, with the ability to remain impartial and report all non-compliances

 

Benefits

  • Training on application
  • Access to trainings for self-development
  • Be part of a young team
  • Floating holidays
  • Flexible benefits basket
  • Fun room and various team bounding and team building programs
  • Attractive compensation scheme

 

Join our team! Apply here!

About the Author

Leave a Reply