Job Reference: FRS50352
Job Duration:
Start date: ASAP
Description:
Data Protection & Regulatory Compliance Manager (DPO) - Full Time - Hybrid/Dublin
About this Role:
The purpose of the role is to lead the development and oversee the effective management of data protection framework, contribute to the setting of the overall data protection strategy, and monitor compliance with data protection legislative requirements. A key role of the DPO will be to communicate on behalf of Pepper with various categories of data subjects, supervisory authorities and stakeholders. The DPO will report directly to the Director of Compliance.
Additional duties will include Providing support and assistance to the Compliance Team to implement andoversee the Compliance Framework. Assist the business with advice and expertise by responding to, overseeing, adherence to applicable laws and regulations that impact business. Identify applicable laws and regulations, monitor and oversee the implementation of regulatory changes and continuously enforce and enhance best practices to ensure all business carried out is in accordancewith all applicable legislation and regulations. Ensure that regulatory risk is appropriately documented and adequately monitored and tested.
Key Responsibilities
* Data Protection
* Lead the development and maintenance of data protection framework, developing and driving a data protection culture through awareness, training, and providing advice at all levels - up to andincluding the Board.
* Create and maintain robust policies and procedures and communicate effectively to the business; and input into relevant policies and procedures developed by other business functions.
* Determine optimal training strategy, contentand mode of delivery; maintain accurate and easily accessible training materials and records, working closely with training colleagues for roll-out and delivery.
* In conjunction with the Operational Risk team, monitor and audit compliance with GDPR.* Provide advice and guidance with regard to documenting data processing activities in the form of Data Flows and Data Inventories. Follow up with business as required to ensure records are maintained.
* Provide advice regarding Privacy Impact Assessments.
* Adopt a risk-based approach in the performance of tasks with the main focus being on the organisational processing activities which are high-risk.
* Co-operate with relevant regulatory authorities as required.
* Point of contact for all queries from data subjects including providing advice on data access requests where required.
* Collaborate closely with leaders ineach department to understand information flows and evaluate how their data is processed and categorised, what business processes make use of the data and why, and how the controls provide proper security and compliance.
Regulatory Compliance:* Ensure provision of prompt, accurate advice and oversight to the business on compli-ance and regulatory matters.
* Input torelevant business policies and procedures to ensure compliance with relevant laws, regulations and codes.
* In conjunction with the Operational Risk team, monitor compliance with laws and reg-ulation
* Liaison with the Regulators as required and liaison with/attendance at events orga-nized by Industry bodies
* Stay abreast of changes in the Irish regulatory environment;
*To create and maintain a culture of compliance within the business.
Key Performance Indicators
* Relevant and timely updates on DP & Regulatory matters to senior management.
* Policies and procedures in place and communicated.
* Relevant communications and training deployed.
* Discussed with Operational Risk to ensure risks documented; controls in place; and monitoring/testing carried out.
* Data flows and data inventories in place and up to date.
* Privacy Impact Assessments completedwhere required. (DPIA, LIA, TIA)
* Documented risk assessment and plan, reviewed and updated as required.
* Timely, robust responses to authorities, data subjects etc.
* Delivery of prompt and accurate advice to the business
* Audit logs and actions documented
* Data flows and data inventories in place and up to date.
Skills & Experience
* 3rd level education to Degree or Master level
* Legal qualification and/or Licentiate of the Association of Compliance Officers in Ireland
* DataProtection qualification
* Strong experience either in-house or externally in a financial services environment
* In depth understanding of the General Data Protection Regulation and the regulatory landscape in Ireland
* Experience in design and delivery of training courses
Benefits
* 25 days annual leave per annum plus 3 company days
* LAYA Healthcare - immediate access from Day 1.
* Generous defined contribution pension scheme - immediate access from Day 1
* Robust further education scheme
* Employee Referral Scheme
* Tax Saver Commuter Ticket
* Cycle to Work Scheme
* Employee Assistance Programme
* Wellness Programme
* Long term sickness benefit (PHI)
* Life Assurance/Death in Service
Industry: Financial Services
Salary:
Salary Benefits:
Vacancy Type: Permanent
Job Skills: Data Protection, GDPR, Compliance, Attention to Detail, Personal Data
Contact Name: Conor Kennedy
Website: -
Direct Application URL: -