Our vision
Davies is a community of outstanding people. We welcome different perspectives, support each other’s ambitions and grow together. In a fast-changing business environment, we adapt and look ahead.
We succeed because we are multi-talented: in the skills of our teams, specialisms, and sector expertise. Working together, we are greater than the sum of our parts.
Why work for Davies
Davies are committed to being a diverse and inclusive workplace. We welcome candidates of all genders, gender identity and expression, neurodiversity, sexual orientation, disability, physical appearance, body size, race, age, nationality, and belief (or lack thereof). Join us nd enjoy our ever-evolving benefits, including but not limited to:
* Reward platform – discounts for over 800 retailers
* 25 days holiday (rising with service)
* EAP with virtual GP
* Recognition programme
* Enhanced maternity and paternity leave policies
* Fostering friendly and fertility support employer
* Pension - matched contribution up to 5%
* Life Assurance (4 x basic salary)
* Development, training, and professional qualification
The role
Reporting to the Global Head of Privacy and as part of the office of the Chief Information Security Officer (CISO), the Privacy Manager will take the lead role in ensuring compliance to the Group’s data privacy policies and procedures. The role holder will engage proactively across the Group to drive continuous improvement and implementation of “privacy by design and default” across organisational processes. The role holder will work with the Group to identify any potential regulatory compliance gaps, ensuring all identified issues are assessed and mitigated, whilst also supporting the Division(s) to in managing any privacy incident or data breach.
The role requires a hands-on approach to data privacy, data protection and risk management, which includes maintaining compliance with regulations such as GDPR, the DPA 2018 and PECR among others industry standard frameworks.
The role holder shall work collaboratively with various stakeholders to ensure success with all privacy, risk, and data protection across GRC related programs. You will be a key part of the team, working within a global professional services and technology firm who pride themselves on providing the highest standards of service to its clients.
Role responsibilities
* Ownership of divisional compliance with privacy regulations and legislative frameworks
* Supporting of divisional business segment with GDPR and data privacy advice while working closely with the Global Head of Privacy to ensure GDPR/DPA compliance for data processing
* Design and implementation of group-wide data privacy processes and programs
* Utilising OneTrust, conduct privacy assessments, Data Protection Impact Assessments (DPIAs), Records of Processing Activities (ROPAs), data governance and data classification
* Performance of internal audits
* Work wider CISO teams to rollout an on-going programme of data privacy awareness and training campaigns
* Presentations of divisional updates to the Chief Risk Officer
* Implementing and improving procedures to comply with GDPR, DPA and other privacy regulations as relevant.
* Identify weaknesses or failures in privacy processes and drive appropriate improvements
* Demonstrable experience of assessing and managing risk
* Assist clients, suppliers, and partners in privacy related response activities
* Review 3rd party privacy controls and respond to partner security due-diligence requests
* Provide privacy SME support for Mergers and Acquisitions across the Group
* Support the production of management information and reports for the board
Skills and experience required
* Must possess a strong knowledge of data protection law, regulations, and best practice
* A basic understanding of Information Security best practices and approaches
* Demonstrable experience in building relationships across organisation to develop privacy knowledge and engagement
* Must be comfortable performing regular internal audits
* Must have experience of using the OneTrust privacy platform
* Previous experience as a Data Protection Officer is desirable
* Professional certification (certified DPO, certified GDPR)
* Experience of international multi-jurisdictional privacy law and regulation is desirable
* Broad understanding of the emerging AI regulations in relation to privacy
* Dedicated but pragmatic to the principle of data privacy and protection – a reasonable approach to balancing business objectives and privacy requirements
* Tenacious and drive to see things through to execution
* Well organised, focussed with strong attention to detail
* Continually strives to improve themselves and those around them
* Understand and committed to delivering with Davies Values in mind
If you'd like to know more about how Davies will process your application data, please download our privacy policy:
https://daviesgroup.current-vacancies.com/OneAccount/Account/DownloadPrivacyPolicy/1546