Job Summary Reporting to the Assistant Director, Information Governance you will lead on responding to information rights requests and fulfill the role of the Data Protection Officer - a key role within SFC. You will work in close partnership with senior leaders, including the Senior Information Risk Officer and Chief Information Officer, supporting the Assistant Director to deliver the Information Governance Framework and leading on associated activities. As an experienced Information Rights and Data Protection practitioner, you will be skilled in dealing with sensitive, complex information at pace, building trusted relationships with colleagues across SFC, and you will exercise good judgement in responding to information rights requests. You will be expected to work flexibly across the responsibilities of the information governance team, stepping in to provide cover and support when required to ensure deadlines are met. A keen understanding of the strategic context within which the SFC is working will be key to success in this role. Key Responsibilities Leading the response to information rights requests, providing advice to colleagues across SFC, ensuring legal compliance with relevant legislation. Provide an efficient and effective senior contact point for queries in relation to information rights and data protection including complex ones. Ensure staff fully understand their responsibilities within data protection legislation and information rights and follow relevant processes, evidenced through reporting and auditing. Promote an information governance culture and an understanding of data protection compliance throughout the organisation. Inform and advise SFC staff, including senior leaders, about their obligations to comply with the UK GDPR and other relevant data protection laws taking into account the nature, scope, context and purposes of the processing. Develop and maintain effective coordination and liaison with our stakeholders and external partners. Identify opportunities to improve ways of working within Information Governance and implement positive change. Manage and advise on internal data protection activities, for example supporting colleagues to deliver Data Protection Impact Assessments and Data Sharing Agreements. Develop and maintain SFC’s Records of Processing Activities (RoPA) to ensure that it is accurate and regularly reviewed and information asset owners understand their responsibilities. Coordinating with Information Governance colleagues, assess and respond to personal data breaches, including reporting to senior management and the ICO as required. Identify and implement improvements to data protection and information rights compliance based on user requirements and best practice. Contribute, make recommendations and report to the Information Governance Oversight Group on data protection and information rights development and compliance, including risks, trends, good practice, mitigation, and training. Monitoring SFC’s compliance with the UK GDPR and other data protection laws and with our data protection policies, raising awareness of data protection issues, training staff and conducting audits. Being the first point of contact for the ICO and for internal and external stakeholders, including data subjects. Support the formulation, implementation and regular review of policy and guidance to ensure that data protection and information rights policies meet all relevant legislation and best practice. Person Specification Essential Requirements: Experience administering Azure Services: M365, App Service, Azure SQL, Blob Storage, Key Vault, ExpressRoute, Virtual machines, Virtual Networks. Experience of Azure Migration, migrating on-premises solutions to the cloud using Azure Migrate (or other) tools. Experience with Continuity of Operations/Disaster Recovery architecture and planning. Extensive and applied experience administering Windows Server OS 2016 and above (Standalone & Cluster) patching, domain admin, network configuration, security monitoring. In-depth technical knowledge of Microsoft Azure and On-Prem infrastructure components and how they integrate with one another. In-depth knowledge of Azure Security Centre and Azure Monitor: Network, Application, Infrastructure. In-depth knowledge of multi-factor authentication (Azure MFA preferred), Microsoft AD Integration with Cloud Applications/Microsoft Azure Active Directory. Good working knowledge of Network administration and VPN administration. Good working knowledge of Active Directory Services including DNS, DHCP, and DFS. Qualifications: Microsoft Cloud Certification, at least one of the following (AZ-400, AZ-303, AZ-104). Good interpersonal and communication skills. Proven track record of delivering high quality and effective outputs within time and resource constraints. Ability to work collectively and with impact as part of a team. Desirable Criteria: Experience of performing the Data Protection Officer role, preferably in a public sector context. Experience of enhancing the information governance culture in an organisation, preferably within a public sector context. Additional Information Location SFC offers hybrid working for its employees. This means that whilst the role is based at our Edinburgh office, there is substantial opportunity to work from home most of the time. As a rule of thumb, SFC expects that a minimum of one day a month in the office will achieve the benefits of its hybrid approach; however, it is for the employee and their line manager to agree on the balance between home and workplace working - determined primarily by business need. Please be aware that this role can only be worked from within the UK and not overseas. Relocation expenses are not available. Key Rewards and Benefits Normal full-time hours of work are 35 per week. We will consider flexible working arrangements. A flexi-time system is in operation. Annual leave entitlement of 26.5 days pro-rata, rising to 30 days pro-rata after 4 years’ continuous service. Public and privilege holiday entitlement of 11.5 days pro-rata. A flexible approach to hybrid working, giving you flexibility to work from home for some of the time while also maintaining regular in-person contact with colleagues. Annual pay review: approved within the framework of the Scottish Government’s Public Sector Pay Policy and negotiated with our recognised trade union, Unite. Salaries are reviewed annually in April for employees who commence employment prior to 1 October in the preceding year. Eligibility to join the Civil Service Pension Scheme. With its low member contribution rates and generous employer contributions, this gives you a secure, inflation-proof pension for life with no investment uncertainty. Details of contribution rates together with further details of the pension benefits are available on the Civil Service Pensions website. There is also the option of a Partnership pension account. Support for continuous professional development. Support for health and wellbeing, including generous occupational sick pay, free access to confidential advice and support through our 24/7 Employee Assistance Programme, Special Leave (paid and unpaid), a contribution to learning outside work through our Lifelong Learning Fund, free winter flu vaccination, and access to occupational health support. Support for travel to and from work, including a salary sacrifice cycle loan scheme, cycle storage and shower facilities, an interest-free loan for bus or rail season tickets and free office car parking for employees on a first-come basis. The Selection Process How to Apply To apply, please send your CV and cover letter. The selection panel will use this evidence to assess your application against the selection criteria in the Person Specification section above. It is not mandatory to provide a cover letter but it can be beneficial to provide further evidence of your suitability against the essential skills. In your CV please also set out your educational and professional qualifications, and career history, with key responsibilities, dates and achievements. Please provide reasons for any gaps. Expected Timeline: Your application will be reviewed by a Reed Recruitment Specialist who may invite you to an initial telephone screening call. The call will last up to 30 minutes, giving you an opportunity to discuss your relevant experience, the role and The Scottish Funding Council in more detail. Should your application be progressed, the selection panel will assess your application by considering the evidence you have provided in your CV / Cover Letter. Please ensure your application demonstrates how you meet the criteria in the Person Specification for the role. The selection panel will then select the shortlist of candidates to take forward to interview stage. Pre-Employment Checks As part of our pre-employment process, we will ask you to provide relevant documentation to show that you are eligible to work in the UK and a Basic Disclosure Scotland certificate. You must be eligible to work in the UK to apply for this role; we do not offer sponsorships. We also take up references as part of this process. Expenses will be reimbursed for Basic Disclosure check. This will only be requested if you are appointed to the role. Disability Confident If you need any adjustments to support your application, such as information in alternative formats, please contact us and we’ll do everything we can to help. If you’re eligible under the Disability Confident Scheme please give details when prompted at the appropriate stage in the online application process. Job Types: Permanent, Fixed-term contract Contract length: 8 months Pay: £46,392.00-£54,003.00 per year Benefits Company pension Health & wellbeing programme Sick pay Work from home Schedule Monday to Friday No weekends Work Authorisation United Kingdom (required)