Job details

Data Protection Officer

Job reference: 002807

Closing date: 02/08/2019

Salary: Competitive Salary plus Bonus & Benefits

Department: Finance

Hours per week: 36.17 hours per week

This is a strategically important position and a prominent leadership role within the organisation that requires a candidate who is confident and can take responsibility for overseeing and shaping data protection strategy and implementation to ensure compliance with GDPR requirements.

What you’ll be responsible for as a Data Protection Officer:

  • Being the nominated DPO for the Information Commissioner’s register of Data Controllers, notifying the fact and extent of processing to the Information Commissioner and maintaining the accuracy. 
  • Provide leadership role and strategic data protection guidance and advice for NBrown involving the development of strategy to include systems, controls and compliance in the UK, Ireland and globally (where required). 
  • Review, develop, implement and maintain data protection policies and procedures.  Implement systems and controls to ensure compliance with relevant data protection legislation and regulations. 
  • Monitor compliance with data protection requirements on an ongoing basis (including PECR). 
  • Provide advice and guidance to the business in relation to UK & International requirements of data protection, including subject access requests and transfer of data outside the EU.  Ensuring that all colleagues are aware of and deliver their own responsibilities by informing and training on the requirements of data protection.
  • Where necessary advise and conduct privacy impact assessments and monitor effectiveness.  
  • Ensuring compliance in all circumstances with requirements for international data transfer identifying all circumstances in which personal data is transferred outside the EU.
  • Implement, maintain and review procedures to deal with subject access requests. 
  • Undertake periodic data protection audits including all manual or digital and internal or outsourced processes. Report to the board on the effectiveness of the firm’s data protection arrangements and recommendations for improvement.  Ensure that action plans are devised and followed through to rectify any discrepancies. 
  • Ensure data processing agreements are in place with third parties handling personal data.
  • Maintain a central register of data security reports to allow DPO & Company
  • Provide advice and guidance on appointment and use of data processors and ensure appropriate contract terms are including in any data processing agreement.
  • Provide Incident management advice/support where and when needed.  Ensure that any breaches etc. are responded to and managed effectively with the relevant authorities informed.
  • Regular ongoing horizon scanning and networking to identify good practice and maintaining contracts and relationships across the retail industry. 

What you will need to succeed as a Data protection Officer:

We are looking for previous experience as a DPO or Senior Data Protection Professional. A data background or strong understanding of data governance, data quality and the role GDPR and data protection plays within it. You will also demonstrate thorough working knowledge of PECR. 

Furthermore you will have solid stakeholder management and engagement skills, creating an energising and rewarding atmosphere. You will have strong communication skills, able to build robust relationships and partnerships to ensure action is carried out within set deadlines.


The closing date for this job has now passed.