Senior Information Management and Governance Officer
Data Protection and Information Rights lead (Grade E3)
FTC until August 2025 (Maternity cover)
Edinburgh/Hybrid
£46,392 – 54,003 per annum
Everything we do at the Scottish Funding Council (SFC) aims to create the right environment for colleges and universities to thrive.
The Scottish Funding Council is Scotland’s tertiary education and research authority. Our ambition is to make Scotland an outstanding place to learn, educate, research, and innovate – now and for the future. We have a clear focus on recruiting the best people and developing them throughout their career.
Job Summary
Reporting to the Assistant Director, Information Governance, you will lead on responding to information rights requests and fulfil the role of the Data Protection Officer - a key role within SFC. You will work in close partnership with senior leaders, including the Senior Information Risk Officer and Chief Information Officer, supporting the Assistant Director to deliver the Information Governance Framework and leading on associated activities.
As an experienced Information Rights and Data Protection practitioner, you will be skilled in dealing with sensitive, complex information at pace, building trusted relationships with colleagues across SFC, and exercising good judgement in responding to information rights requests.
You will be expected to work flexibly across the responsibilities of the information governance team, stepping in to provide cover and support when required to ensure deadlines are met.
Key Responsibilities
1. Leading the response to information rights requests, ensuring legal compliance with relevant legislation.
2. Providing an efficient and effective senior contact point for queries in relation to information rights and data protection.
3. Ensuring staff understand their responsibilities within data protection legislation and information rights.
4. Promoting an information governance culture and an understanding of data protection compliance throughout the organisation.
5. Informing and advising SFC staff about their obligations to comply with the UK GDPR and other relevant data protection laws.
6. Developing and maintaining effective coordination and liaison with stakeholders and external partners.
7. Identifying opportunities to improve ways of working within Information Governance.
8. Managing and advising on internal data protection activities.
9. Developing and maintaining SFC’s Records of Processing Activities (RoPA).
10. Coordinating with Information Governance colleagues on personal data breaches.
11. Identifying and implementing improvements to data protection and information rights compliance.
12. Contributing to the Information Governance Oversight Group on data protection and information rights development and compliance.
13. Monitoring SFC’s compliance with the UK GDPR and conducting audits.
14. Being the first point of contact for the ICO and for internal and external stakeholders.
15. Supporting the formulation and review of policy and guidance on data protection and information rights.
Person Specification
Essential Requirements:
1. Experience administering Azure Services: M365, App Service, Azure SQL, Blob Storage, Key Vault, ExpressRoute, Virtual machines, Virtual Networks.
2. Experience of Azure Migration.
3. Experience with Continuity of Operations/Disaster Recovery architecture and planning.
4. Extensive experience administering Windows Server OS 2016 and above.
5. In-depth technical knowledge of Microsoft Azure and On-Prem infrastructure components.
6. Knowledge of Azure Security Centre and Azure Monitor.
7. Knowledge of multi-factor authentication and Microsoft AD Integration.
8. Good working knowledge of Network administration and VPN administration.
9. Good working knowledge of Active Directory Services.
10. Qualifications: Microsoft Cloud Certification (AZ-400, AZ-303, AZ-104).
11. Good interpersonal and communication skills.
12. Proven track record of delivering high quality outputs within time and resource constraints.
13. Ability to work collectively and with impact as part of a team.
Desirable Criteria:
1. Experience of performing the Data Protection Officer role in a public sector context.
2. Experience of enhancing the information governance culture in a public sector context.
Additional Information
Location
SFC offers hybrid working for its employees. This means that while the role is based at our Edinburgh office, there is substantial opportunity to work from home. A minimum of one day a month in the office is expected.
Key Rewards and Benefits
* Normal full-time hours of work are 35 per week.
* Annual leave entitlement of 26.5 days pro-rata.
* A flexible approach to hybrid working.
* Annual pay review.
* Eligibility to join the Civil Service Pension Scheme.
* Support for continuous professional development.
* Support for health and wellbeing.
* Support for travel to and from work.
The Selection Process
How to Apply
To apply, please send your CV and cover letter. The selection panel will use this evidence to assess your application against the selection criteria.
Pre-Employment Checks
As part of our pre-employment process, we will ask you to provide relevant documentation to show that you are eligible to work in the UK.
Disability Confident
If you need any adjustments to support your application, please contact us.
Job Types: Permanent, Fixed term contract
Contract length: 8 months
Pay: £46,392.00-£54,003.00 per year
#J-18808-Ljbffr