Head of Risk & Compliance
Above market salary
My client are a reputable and forward thinking Law firm who are looking to recruit a Head of Risk and Compliance to work across several branches to maintain the firm's compliance with data protection legislation including the Data Protection Act 2018, the GDPR and the requirements of the ICO.
This is a brilliant new opportunity to come in and put your mark on the business, below are a list of duties which you will be required to perform:
* Managing and recording actions for any potential data breaches including any reports to the ICO
* Providing guidance to manage any subject access requests and keeping full records
* Managing the process to identify the need for data privacy impact assessments, their implementation and keeping records of the process
* Developing and maintaining the process to monitor third parties/suppliers' compliance with their obligations for data protection
* Developing and maintaining the risk register and actions to mitigate identified risks to data
* Drafting policies and procedures in response to guidance and data protection legislation, making recommendations on how to implement best practice
* Proactively promoting best practice (e.g. via presentations, bulletins) to staff across a range of levels and experience
* Designing and implementing a training schedule and individual sessions working with the firm's IT trainer and Learning & Development team, on how to comply with policies and processes
* Implement processes for monitoring compliance including carrying out audits of user awareness
* Monitoring repositories where personal data is stored (e.g. for its purpose and retention times) and devise strategies to ensure compliance for stored data
* Collaborating with members of IT, Ethics & Compliance and Management teams to improve policies and processes based on results of monitoring for effectiveness and on any statute or regulatory updates
* 5 years as a Practising Solicitor
* Managing or advising on data breaches, subject access requests, data protection impact assessments, privacy policies, risk registers
* Devising and/or delivering training in best practice of data management
* Analytical ability
* Time and project management
* Excellent communicator
So if this sounds like something you'd be interested in getting involved with then please don't hesitate & send me your CV today!
Douglas Scott is acting as an Employment Agency in relation to this vacancy.