Job Type: Fixed Term Build a brilliant future with Hiscox Privacy Manager HR/People Function – 12mths Fixed Term Contract London - min 2 days in the office per week Reporting to the People Operations Director As Hiscox’s Privacy Manager aligned to the People Function / HR, you will need to ensure the right culture, processes and controls are in place and embedded to meet our regulatory requirements to protect employee and prospect data. You will directly report to the People Operations Director within the People structure, with a dotted reporting line to the Group Data Protection Officer. You will simultaneously be part of an international privacy team, deploying and coordinating the privacy framework from within the People Function Operations team. From a regulatory standpoint, this is an interesting opportunity to cover multiple regulatory regimes from the UK Data Protection Act 2018 / UK GDPR, EU GDPR, Bermuda PIPA and US privacy laws such as the CPRA simultaneously. You will work closely with the Privacy team and will be responsible for understanding, monitoring, and promoting regulatory requirements related to People Governance. You will also be responsible for implementing and enforcing the relevant processes and practices that drive compliance within the function and wider organisation. You’re the type of person who will enjoy taking ownership for a wide range of areas critical to the successful delivery of our People Function regulatory and change agenda - someone who loves driving change. But you’ll also be comfortable working with ambiguity; there will be times when you will know what to do, and others when you’re not sure but happy to explore, ask, discuss, and challenge as we work to bring about real change and offer genuine support to our colleagues. What you’ll be doing in the role You will take ownership for a wide range of areas to deliver our People Function regulatory agenda which will include: Completion of the People Function component of the Privacy Management Framework, culminating in a plan of action for the coming year to improve the functions controls and risk profile Ongoing maintenance on Employee Privacy Notices as required Ongoing management of the People Function data retention schedules and associated actions Supporting stakeholders to navigate compliant uses of personal data within Hiscox for new products, services, and changes to our business via project engagement and DPIA (Data Protection Impact Assessment) process Upskilling and awareness of data privacy issues impacting the People Function and its policies and processes Being a member of the Privacy Management Team, working alongside Privacy colleagues in all locations to ensure that there is a holistic approach to data privacy and the People Function’s requirements are known and considered Responsible for management of the data breach process in line with the Group policy Contributing to the development and maintenance of Hiscox data protection and privacy policies, standards, and guidelines, specifically with UK required standards and for UK business processes. Ensuring that our records of processing activity (ROPA) are kept up to date Working with the training and learning teams to develop and enhance privacy training programs, team workshops and communications. Advising on compliance requirements for contracts involving personal data – including International Data Transfers – if applicable Advising on the use of innovative technology, taking regulatory guidance and integrating applicable steps to business processes Reporting on privacy risk, control maturity and KPIs to senior management Working with other first line of defence control functions to identify broader lessons learnt opportunities for the business based on thematic and trend analysis Our must-haves Experience of working within and/or closely advising a HR (People) function Hold data protection qualifications, including the IAPP CIPP/E and/or CIPM Experience in managing privacy operations and transformation initiatives in an Insurance or Financial Services setting Expert knowledge of the in-scope privacy laws and practice Experience that includes the interpretation and operationalisation of data protection regulations in complex organisations. Ability to influence stakeholders to drive results A proactive approach to manage a diverse workload and stakeholder expectations A love of driving change, leaving things better than you found them People management experience About Hiscox We embrace hybrid-working practices, balancing the ability to work remotely with the culture and energy we experience when we are face-to-face in our offices. Our focus on collaboration and cross- functional working is supported with virtual tools that minimise physical travel, hot-desking neighbourhoods that create a physical sense of community and Team Charters that our teams co- create to set out how they’ll work together. This modern way of working has contributed to impressive employee engagement scores across Hiscox and means we’re delivering even better solutions for our Hiscox Colleagues. As an international specialist insurer we are far removed from the world of mass market insurance products. Instead we are selective and focus on our key areas of expertise and strength - all of which is underpinned by a culture that encourages us to challenge convention and always look for a better way of doing things. Diversity and flexible working at Hiscox At Hiscox we care about our people. We hire the best people for the job, and we’re committed to diversity and creating a truly inclusive culture, which we believe drives success. We also understand that working life doesn’t always have to be ‘nine to five’ and we support flexible working wherever we can. No promises, but please chat to our resourcing team about the flexibility we could offer for this role. You can follow Hiscox on LinkedIn, Glassdoor and Instagram (HiscoxInsurance) LI-AS1 LI-Hybrid Work with amazing people and be part of a unique culture