Summary of role
You will be responsible for safeguarding the personal and sensitive information handled by Babington. You will devise, implement and manage an Information Security Management System (ISMS) across the company, and carry out the duties of the Data Protection Officer for the business.
Brief summary of principal accountabilities
1. Develop and maintain comprehensive Data Protection and Information Security Policies, Procedures, and guidelines.
2. Ensure a robust and compliant strategy is in place to manage physical security – CCTV, Access Control
3. Introduce processes, policies, and procedures to minimise unstructured data exposure risks.
4. Ensure a robust and compliant strategy is developed and implemented to manage Data Retention and Records Management throughout the business.
5. Monitor changes in legislation and accreditation standards that affect information security and data protection and recommend any relevant change requirements to the organisation’s policies, procedures, and ways of working.
6. Lead on the management and investigation of Data Breaches, ensuring any lessons learnt are fed back to the appropriate Senior Executive Board member(s). Advise on and monitor the business’s Data Protection Impact Assessments (DPIAs).
7. Develop and deliver training programs to raise awareness about data protection and information security among employees.
8. Foster a culture of security consciousness throughout the organisation.
9. Collaborate with procurement to ensure contractual agreements include appropriate security provisions.
10. Review and, where deemed appropriate, implement or assist in the introduction of security applications and features as required.
Brief person specification
Qualifications (E - Essential; D - Desirable)
1. Grade A-C GCSE in English and Maths or equivalent (E)
2. ISO27001 Lead Implementer (D)
3. ISO27001 Lead Auditor (D)
4. Certified Data Protection Officer (CDPO) (E)
5. Certified Information Privacy Professional (CIPP/E) (D)
Skills and experience
1. Experience in engaging with a range of stakeholders to deliver advice and guidance and raise awareness
2. Experience in managing data protection processes, including responding to Subject Access Requests, Right to Erasure, Incident Management and Breach Reporting
3. Proven experience dealing with outsourced third-party suppliers
4. Significant demonstrable experience in a similar position and size company
5. Ability to analyse key data, management information, systems and processes
6. Ability to deliver to agreed targets
7. Ability to establish and maintain rapport with a wide variety of people
8. Ability to manage critical priorities effectively to ensure deadlines are met
Babington Benefits
1. Babington Engage
2. Bupa Healthcare – Cash plan
3. 25 Days annual leave plus Bank holidays
4. Additional annual leave purchase scheme
5. Employer Pension contribution
We’ll be conducting interviews on a continuous basis and reserve the right to take down the advert when we have found the right candidate. Babington is committed to safeguarding and promoting the welfare of all learners and employees associated with our business. We, therefore, expect all employees to share this commitment and demonstrate our values within all aspects of their work. All offers of employment are subject to relevant vetting checks, including successful completion of an appropriate check through the Disclosure & Barring Service. We are innovators in Education so why not apply now and join us in Developing Better Futures!