Data Protection & InfoSecurity
Position: Data Protection & InfoSecurity – OneTrust
Based: Milton Park, Abingdon – Hybrid role
Type: Permanent, Full Time – WFH and Office
Salary: £32k – £38k
Data Protection and Information Security Analyst – OneTrust
We have a fantastic opportunity for a Data Protection and Information Security Analyst to join an established team. This role will suit a Data Protection / Data Privacy professional who wishes to gain experience in a global organisation, working alongside Information Security professionals. Ideally, you will have worked within a governance or a data protection team in a medium to large organisation where you were responsible for compliance, policies, and auditing activities.
As a Data Protection lead and trusted advisor, you will act as focal point for all Data Protection and regulatory needs. This role would suit someone with broad experience, and demonstrable understanding of regulatory environments. You should be familiar with audit and compliance evidence gathering, detail orientated, organised, self-motivated and inquisitive!
You will oversee business requirements, providing advice and responses for client bids and tenders, along with ensuring compliance with processes and systems from inception, delivering end-to-end management.
Define, develop, and implement Data Protection policies and operational practices to ensure fit for purpose standards, operational disciplines, and controls to minimise risk.
Support and promote compliance with data privacy legislation and best practice
Support the delivery of UK and international strategic data protection initiatives
Engage with business and project teams to advise on privacy controls (including the completion of data privacy impact assessments) and mitigation of risks
Conduct root cause analysis in relation to personal data breaches and identify remedial actions
Identify and propose steps to address compliance gaps or deficiencies ahead of implementing agreed measures
Respond to data compliance related questionnaires and queries from vendors, business partners, and clients
Strong track record in negotiating and managing internal and external stakeholders and third parties, using every contact with internal customers to build sustainable relationships.
Maintain personal data mapping and inventory on OneTrust
Monitor and report cookie and data privacy compliance across our web domains
Maintain a central library of self-help material for bidding teams
Coordinate our response to data subject rights requests (DSARs, Right to be forgotten, etc.)
Report key risks and mitigating controls as well as the quality of compliance programmes to senior management on a regular basis and obtaining resulting feedback
Maintain compliance through continuous training, periodic audits, external reviews and assessments, and carry out ongoing improvements
Responsible for the management and reporting of Cyber Awareness & Data Protection training, including periodic audits and reviews on the effectiveness of training material where appropriate.
Previous experience within the Data Protection / Data Privacy field in a global organisation
Strong communicator, excellent time management and detail orientated attributes
Proactive approach with a desire to deliver results
Demonstrated ability to collaborate effectively with internal / external stakeholders
Proficient in Microsoft Office, experience with OneTrust beneficial
Able to work individually and as part of a team with minimal supervision
Strong knowledge of and experience in dealing with GDPR, UK GDPR, and UK Data Protection Act 2018 related matters
Ability to articulate complex issues in a consumable manner to audiences, whilst maintaining confidentiality and sensitivity
Confident in designing, implementing and operating controls including policies and procedures
Confident writing and communication skills in process and control descriptions and security audit reports
Privacy related qualifications / certification, e.g. International Association of Privacy Professionals (IAPP)
Innovative in seeking continuous improvement, with an understanding of information technologies and data securities
Analytical and commercially focused objective setting and problem resolution.
Adaptable and flexible in approach and time zone availability•
If you have the outlined skills and experience, please apply now.