Data Protection Officer
Job Title: Data Protection Officer
Location: Head Office in Wilmslow - Nationwide applications considered, but considerable time will need to be spent at head office alongside remote working
Hours of Work: Full Time (Flexible Working Available)
Salary: Up to £60,000
We are Citation - One of the UKs biggest providers of Health and Safety, HR, Employment Law, Fire and Electrical Compliance Services to businesses.
We offer colleagues and clients an opportunity they will not gain at many other businesses.
We are interested in growth, investment and service excellence, we never have and never will grow our business by cost cutting or tying people up in bureaucracy.
We don't do politics - we want people focused upon actions and delivery.
We don't do micro-management - we empower, support and innovate.
We are leaders, not empire builders and we love our business.
This is a really exciting opportunity to join us in this newly created role.
Across our group companies we have over 45,000 clients who love us, need us and want to buy more from us.
Having acquired 10 businesses over the last 3 years which offer products and services that our clients need and want; we're only interested in future growth; we're not finished yet.
Moving before Christmas is a risk - is that what you're thinking? We've just entered our 3rd wave of private equity ownership alongside KKR and Hg Capital and don't plan on slowing down anytime soon.
This also means as the company grows over the next 3 to 5 years, you've got the opportunity to do so too! If the prospect of this excites you… good, you're the right type of person for us.
This position will be a critical role in complying with Citations obligations under the Data Protection Act 2018 and the GDPR.
The candidate will be responsible for ensuring Citations continued compliance with applicable data protection laws.
The role will also hold responsibility for compliance and maintenance of Citations ISO 9001 standard.
If you want a role that you can make your own, where you can make a real positive business impact and work for a Company full of great colleagues, then this could be the role for you.
Cultural fit is critical as is technical knowledge and experience.
Finding the balance between legal understanding, practical application, influencing and commercial awareness is tricky but essential.
We're looking for someone who can not only help us ensure compliance but is savvy enough to drive through the business benefits of this role.
We are a not a business who are ruled by policies - this role will be no different.
If you are looking for a role where you can come in and monitor/manage processes, this role won't be for you.
We are a fast-moving business with big ambitions.
Experience outside of a highly regulated environment would be advantageous, or at least an understanding on how the internal processes might be different.
Regulatory Essentials (Article 39 GDPR):
The Data Protection Officer shall be responsible for the following:
, to inform and advise the Company (and employees who carry out processing) of its' obligations pursuant to this Regulation and to other Union or Member State data protection provisions;
, to monitor compliance with this Regulation, with other Union or Member State data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;
, to provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35;
, to cooperate with the supervisory authority;
, to act as the contact point for the supervisory authority on issues relating to processing, including the prior consultation referred to in Article 36, and to consult, where appropriate, with regard to any other matter.
The data protection officer shall in the performance of his or her tasks have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing.
Education & Experience:
, Relevant Qualification e.g.
Data Protection Practitioners' Certificate, preferably BCS or ISEB
, In-depth understanding of GDPR, DPA, PECR
, Experienced dealing with data breaches
, Methodical, balanced, calm and engaging in approach
, Has excellent attention to detail
, A proved track record of quickly establishing good working relationships and gaining credibility with a range of internal customers
, Experienced in undertaking complex analysis and problem solving and communicate the results clearly
, Ability to communicate effectively with customers and colleagues both verbally and in writing switching styles, tones and platforms as required
, Doesn't get stage fright when presenting to the board or colleagues
, Understanding of ISO27001 or information security principles - desirable
, Experience in managing ISO 9001 compliance - desirable
, Knowledge of the B2B Business Consultancy sector - desirable
What you get from us?
It's a great place to work because of the people we employ.
Fun, professional and supportive, we want likeminded individuals who love to love their job (no ‘mood hoovers' here thanks!).
So, if our culture sounds like a good fit for you and you want to be part of our success story, then send us your details.
Please click 'Apply' to continue your application.
More Jobs from 2MES
- UX Designer
- UX Researcher
- Principal Software Engineer
- Data Engineer
- Sales Advisor
- Support Officer- Employment Support
- Senior Policy Officer (Culture)
- Head of Strategic Communications
- Experienced PHP Developer (Web)
- Full Stack Software Developer
- QA Engineer – Developer in Test
- Residential Property Solicitor/ Conveyancer
- Residential Property Paralegal
- Insight Assistant
- Volunteer - Returning Officer & Deputy Returning Officer
- Credit Control & Accounts Assistant (maternity cover)
- Family Support Worker