An increase in client numbers means we are looking for an additional Privacy & Data Protection Advisor to join our team.

We provide data protection and privacy advice to a wide range of schools, charities and other public bodies across the south east.

About the role

The Privacy & Data Protection Advisor will have expertise and experience of data protection requirements such as GDPR, PECR and the UK Data Protection Act 2018. On a day to day basis you will be:

  • Fulfilling the role of Data Protection Officer for named clients in line with the GDPR
  • Consistently advising clients on personal data governance, accountability, and risk management
  • Performing data protection and privacy consulting engagements including audits, assessments and analyses based on a deep knowledge and understanding of regulatory obligations, particularly with regard to data governance and privacy
  • Maintaining knowledge, keeping abreast of relevant regulatory developments and understanding how client activities may be impacted
  • Maintaining and enhancing strategies and compliance frameworks (including policies, procedures, registers, controls and guidelines) and executing assurance programmes to ensure our clients’ compliance with data protection and privacy laws and regulations
  • Identification of business processes and systems that relate to personal data and are deemed in-scope for GDPR.
  • Review commercial agreements and contracts, including Data Processing agreements with data processors
  • Ensuring requests made by data subjects under the UK Data Protection Act or GDPR are dealt with appropriately
  • Providing management information on data protection and privacy to senior management
  • Liaising with relevant regulators including the Information Commissioner’s Office as required, on behalf of clients
  • Inform, advise and issue recommendations to clients regarding compliance with data protection laws including GDPR, and create/update client policies and guidelines with respect to data protection

Hours: Flexible depending on the successful candidate. This role could range from 0.4 FTE to 0.6 FTE

Location: Home based but occasional travel to client sites may be required

Salary: Up to £35,000 FTE dependent on experience

To apply: Please click the button below and send a CV and covering letter. (No agencies, please.)

You will have

  • An in-depth understanding of data protection requirements such as GDPR, PECR and the UK Data Protection Act 2018
  • Data Protection Practitioner certification, CIPP/E or equivalent
  • Background in a client facing consultancy role ideal
  • Ability to translate regulatory requirements into pragmatic solutions tailored to the client’s business
  • Wider technical knowledge of information security standards and best practice including Cyber essentials and ISO 27001:2013 is desirable
  • A comprehensive understanding of the practical application of the legislation and official guidance relating to processing information and personal data. Ability to audit data management systems
  • Detailed knowledge of global data transfer mechanisms and controls
  • Proficiency in the use of Microsoft Office products (Word, Excel, PowerPoint, Project and Visio) to accomplish daily business activities and facilitate communications.
  • Able to develop and deliver guidance, advice and training on data protection and privacy requirements
  • Ability to build relationships with clients at all levels of the organisation, and experience in managing client relationships
  • Exceptional communication skills that are especially important in enabling effective communication with clients and colleagues