Responsible for leading an information assurance and security team of 3 people – FOI/DP Officer, Deputy Data Protection Officer - Information Security, Information Risk & Policy Officer.
To be the designated Data Protection Officer (DPO) for PHSO as required to comply with the General Data Protection Regulation (GDPR). This is a statutory role that requires registration with the Information Commissioner’s Office and publication of the Data Protection Officer’s name and contact details.
To be the point of contact for PHSO with the Information Commissioner, complainants, staff and other individuals whose information is collected, used or otherwise processed by PHSO.
To manage and provide support to the information assurance team, engaging and motivating the team, building an open and supportive culture to ensure the delivery of an effective customer-focused service across PHSO.
To be responsible for delivering an efficient and effective privacy, information management and cyber security function and for providing PHSO with expert advice and on-going best practice to ensure information is managed in accordance with PHSO, legal and best practice needs.
Responsible for the development of information assurance policies and procedures, and for assuring legal compliance with data protection and information security legislation.
To advise senior management on information security direction and resource investments, design appropriate policies to manage information security and implement best practices for security awareness and training.
Partner with Directorates across PHSO to ensure implementation of the information security solutions across the Office. Operate independently across PHSO to inform and advise the PHSO, its employees, and any associated processors about their obligations to comply with the GDPR and other relevant data protection laws such as Part 3 of the Bill.
Work closely with all of the Executive Team to take the lead role in the management of the PHSO Information Assets, which will include IAO responsibilities.
As the designated Data Protection Officer (DPO), ensure that the organisation complies with all relevant privacy-related legislation. The Data Protection Officer role is a statutory role under the General Data Protection Legislation and is required to provide independent data protection advice and assurance to PHSO.
• To inform and advise the organisation and its employees about their obligations to comply with the GDPR and other data protection laws.
• To monitor compliance with the GDPR and other data protection laws, including managing internal data protection activities, advising on data protection impact assessments, training staff and ensuring appropriate audit activity.
• To be the first point of contact for supervisory authorities and for individuals whose data is processed (employees, customers, etc.).
• Accountable for assuring internal compliance to the highest level of the organisation including the Ombudsman, Executive and Audit and Risk Assurance Committee, informing and advising on our data protection obligations, providing advice regarding Data Protection Impact Assessments (DPIAs) and acting as a contact point for data subjects and the supervisory authority.
Skills & experience
- Educated to degree level or equivalent professional experience
- Data Protection Practitioner qualification
- Excellent understanding of information security risk management
- Sound understanding of privacy rights and technological capabilities
- In-depth understanding of information security legislation (including GDPR and FOI)
- Experienced information security professional with industry-recognised credibility
- In-depth understanding of the technologies and architectures supporting information security protection, and the factors informing user experiences
- Proven track record implementing information assurance regimes across devices, channels (e.g. web, app, phone), systems, roles and organisations and operating in time-critical, diverse corporate environments
- Extensive practical experience developing/publishing/maintaining controls, systems, access and policies for complex organisations
- Experienced people manager able to lead and manage through change
Does this role sound like you? If so, please APPLY NOW and become part of this fast-evolving team! Feel free to get in touch to find out more – firstname.lastname@example.org
Proud member of the Disability Confident employer scheme
About Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident