Data Protection Specialist

On behalf of The Department for Transport, we are looking for a Data Protection Specialist (Inside IR35) for a 6 Month contract based in Southampton 3 days per week.

Transport matters and what we do at the Department for Transport matters. Click [1] here here to find out more about working for DfT and its agencies. We are different people, one team.

Description:

The role (SEO) will sit under the requestor, the Head of Data Protection (G7), to act as a deputy and support with their statutory tasks, ensuring that provision of expert data protection advice to the organisation is delivered in a timely and compliant manner.

The role involves providing expert data protection advice and guidance to the agency, staff and third parties.

The key day to day tasks for this role are:
* Provide expert data protection advice to the business in relation to the data protection functions
* Manage the Data Protection Impact Assessment (DPIA) process, ensuring the agency undertakes DPIAs when required. Advise on and assess risks identified in Data Protection Impact Assessments, working with stakeholders to mitigate risks.
* Maintain the record of processing activities (ROPA) log
* Assist the Head of Data Protection in responding to formal complaints received from data subjects
* Provide advice to business areas responding to Individual Rights requests (including Subject Access Requests) from individuals, including advising on correct process, redaction and exemptions
* Manage the data breach reporting process, assessing risk and advising on appropriate actions, mitigations and reporting obligations where personal data breaches have occurred.
* Manage the Data Protection risk register identifying data protection compliance risks alongside other business risks.
* Review and maintain the MCA's Privacy Notices, ensuring data subjects are accurately informed about MCA processing and the rights available to them. Ensuring relevant and accessible Privacy Notices are in place where required.
* Raise awareness of Data Protection legislation and disseminate updates. Support the delivery of the annual training plan for the MCA, creating and delivering structured training as well as informal guidance to all staff on Data Protection issues.
* Support the production of statistics/KPIs where required to track team activity and/or support wider business reporting requirements, escalating recommendations on matters that should be discussed with the DPO, Executive or the ICO.
* Provide expert advice and assistance on the development of legal agreements relating to the processing of personal information to ensure data protection compliance, including data sharing agreements, data processing agreements, data transfer agreements, data disclosure agreements and other internal or third party agreements

Key Skills/Knowledge Required:
* Considerable experience in data protection, successfully obtained Data Protection Practitioners Certificate, or have sufficient comparable prior experience and knowledge to undertake this soon after starting the role.
* Experience in information security principals and standards and be able to apply this alongside data protection legislation to advise data and security professionals in developing data management standards and processes.
* A history of working collaboratively and inclusively with external organisations and other stakeholders, sharing information and knowledge to achieve common aims.
* Excellent communication skills, both verbal and written, highly skilled in the delivery and absorption of information with colleagues at all levels.
* Excellent presentation and public speaking ability, particularly with regard to delivery of training and reporting to senior executives.
* A background in managing diverse teams of people, motivating them to deliver challenging and sometimes conflicting objectives.
* Experience in information access legislation; the Freedom of Information Act 2000, Environmental Information Regulations 2004, the subject access provisions under UK GDPR/ DPA and the exemptions and application of those requirements
* Understanding of how public sector organisations work (governance) and the application of the information access and data protection regimes to public sector bodies, including understanding of records management regulations and best practices.
* Experience in risk management methodologies

Please be aware that this role can only be worked within the UK and not Overseas.

Disability Confident

As a member of the Disability Confident Scheme, DfT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group.

Armed Forces Covenant

DfT guarantees to interview veterans or spouses / partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates / military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group.

In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".