Data Security Executive
12 Month FTC, Full Time
Hybrid – WFH and 1-2 Days East Grinstead Office
Basic Salary £47,000-£50,000 with excellent benefits including 25 Days holiday, Pension Scheme, Life Assurance, Private Health Scheme and family (AXA), Discounts on insurance products, are a wide range of retailers and service providers via the ‘SMILE’ portal. Savings on fuel with My Esso Card Wellbeing allowance (£150 a year). There is further assistance for work related training available. Eye Care Voucher Scheme, Employee Advisory Service
Reason for Vacancy – Expansion due to workload
Key Tasks / Accountabilities for the role of Data Security Executive:
Be primarily responsible for the end-to-end process of fulfilling data subject requests made under the UK General Data Protection Regulation (UK GDPR), such as subject access requests and erasure requests, as well as requests for information from other organisations, such as law firms, law enforcement or government departments
Build on existing internal documentation and communications regarding the data subject request process so that:
Other departments are clear about their responsibilities, and The Data Security Compliance Team handles requests in the most structured, efficient and cost-effective manner possible, while complying with UK data protection legislation and meeting legal deadlines
Work with members of the team on the development and integration of tools involved in the data subject request process, such as the OneTrust Privacy Rights Automation module and other internal platforms
Share the responsibility to conduct reviews of existing assessment and accountability processes and work with business stakeholders to create new ones where required. Assist with the recommendation of improvements to achieve compliance and reduce risk and help to ensure the delivery of agreed recommendations. Examples of processes are:
Data Protection Impact Assessments (DPIAs), Legitimate Interest Assessments (LIAs), Legal Basis for Processing Checklists, Records of Processing Activities (ROPA)
Assist with the optimisation of the above record, list and assessment processes and the continual improvement of associated documentation
Contribute to the application of organisation wide processes such as Data Protection by Default and by Design, working with business teams and the IS department as necessary
Assist in the refresh and communication of the organisation's Data Security Policy set
Contribute to the development and execution of data protection and data security training, awareness campaigns and eLearning training rollouts
Support the Data Protection Officer in ensuring the importance of data security compliance is appropriately communicated across the organisation by assisting with the production of communications as well as articles and guidance for the team’s intranet presence
Assist with the production of well written and carefully considered advice and guidance in response to data protection and data security enquiries, both internal and external
Be willing to take on ad hoc challenges and find solutions for implementation
Represent the team in meetings and for projects and initiatives, where required
Attend industry events, conferences and seminars to keep up to date with the threat landscape and any upcoming legislative change
Essential Skills & Experience Required:
Strong knowledge and experience of current and upcoming UK data protection law, e.g. the UK General Data Protection Regulation (UK GDPR), Data Protection Act 2018, Privacy and Electronic Communication Regulations (PECR) and familiarity with guidance published by the Information Commissioner’s Office
One or more recognised data protection qualifications, e.g. UK GDPR Practitioner, CIPP/E, CIPM
Extensive experience of fulfilling data subject requests made under the UK GDPR
Experience of working in a team where providing guidance and advice about UK data protection law to internal and external stakeholders is a primary focus
Proven experience in handling confidential and sensitive information
First rate planning and organisation skills with the ability to manage conflicting priorities while meeting tight deadlines
Must have the ability to work well under pressure while maintaining discretion
Ability to work with minimum supervision, as well as collaboratively and flexibly with others to achieve team objectives
Excellent written English coupled with clear and articulate verbal communication skills
Methodical, with a high attention to detail and accuracy
Highly motivated and focused with a desire to help, use initiative and add value
Confident general IT skills, ideally primarily with use of Google Workspace and Adobe Acrobat Pro (see below) but as a minimum, with Microsoft Office / O365 software suites
Desirable Skills & Experience Required:
Highly proficient use of Google Workspace (Gmail, Drive etc), Microsoft Office (Outlook, Word and Excel in particular) and use of the redaction tools and other key features in Adobe Acrobat Pro
Familiar with information security best practice, e.g. ISO 27001, Cyber Essentials
Awareness of payment card industry standards and requirements, i.e. Payment Card Data Security Standard (PCI DSS)
To apply for this role of Data Security Executive, please send your CV. Closing date for applications is Monday 25th November.
Due to the volume of applications we are only able to contact successful applicants. Therefore if you have not heard from us within 10 working days please deem your application as unsuccessful on this occasion.
Membership Bespoke is acting as a recruitment business in relation to this role. Membership Bespoke positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity.
Membership Bespoke is the most experienced membership-focused recruitment firm in the UK, with 10+ years of experience delivering tailored permanent, temporary, interim, and Executive Search recruitment solutions to Trade Associations, Regulatory Bodies, Political Parties, and Professional Bodies.