At Mace, our purpose is to redefine the boundaries of ambition. We believe in creating places that are responsible, bringing transformative impact to our people, communities and societies across the globe. To learn more about our purpose, culture, and priorities, visit our
Within our consult business, we harness our unique combination of leading-edge practical expertise and project delivery consultancy to unlock the potential in every project.
Our values shape the way we consult and define the people we want to join us on our journey, they are:
1. Safety first - Going home safe and well
2. Client focus - Deliver on our promise
3. Integrity - Always do the right thing
4. Create opportunity - For our people to excel
The senior data protection and data privacy specialist supports the data protection officer and/or global privacy officer (as required) to deliver group wide priorities in connection with the global privacy portfolio. Provides specialist advice and guidance, ensuring compliance with GDPR and other privacy regulations. The role is responsible for leading upon key strategic initiatives and projects for the privacy and data portfolio & providing assistance where required as determined by the data protection officer/global privacy officer.
You’ll be responsible for:
5. Working with the data protection officer (DPO) and/or global privacy officer (GPO) to implement and achieve Mace group’s data and privacy strategic objectives.
6. Creating, providing, monitoring and auditing data protection advice, including creation and provision of global support and training to the business, including production of assessments and reports.
7. Creating, organising and delivering bespoke data protection advice and inputs to key global and group strategic projects and working groups as required.
8. Analysing and reporting upon data protection and data privacy compliance across the global business, embedding a global corporate data protection standard into our global offices.
9. Working with the DPO/GPO to provide statistical analysis & insights of compliance across the organisation, including risk reports as required.
10. Reporting upon compliance with statutory deadlines and regulatory requirements, including ICO (information commissioner's officer) and other regulatory registrations, regulatory reporting, audits and associated activities - including updates, analysis of new laws and policies in relation to data and privacy and their implementation across the Mace group.
11. Creating and maintaining policies, processes and contract documentation (including DPIA’s TRA’s LIA’s and FRA’s for AI) in accordance with applicable privacy laws, including updating of regulatory reporting templates, reporting and audits, such as data protection impact assessments, legitimate interest assessments, transfer risk assessments etc and the communication around these, as well as approach and templates.
12. Collaborating across the business to improve data privacy awareness and assisting with global compliance programmes.
13. Competently providing review, amendments and advice upon data processing agreements (DPA's) and other data/technology/AI/legal agreements in connection with data to various teams, including other lawyers.
14. Updating and producing global content for the GDPR and privacy team portal and for the intranet, Infomace and other platforms for the GDPR team, including new content creation and assisting with the delivery of a global data privacy hub.
15. Assisting & supporting the DPO/GPO in implementation, monitoring, analysis and review of joint strategies for data privacy programmes or initiatives with IT, digital, AI working group and other relevant groups.
16. Acting as a key point of contact for data subjects, supervisory authorities (ICO), internal business units, external clients, contractors, suppliers and auditors when required.
17. Assisting with the management, analysis and reporting of data protection/GDPR incidents, including breaches of personal data, and data subject rights, including all regulatory documentation and reporting as required.
18. Acting as a key point of contact and responsibility for EU representative (post Brexit) where required by the data protection officer.
19. Instructing and working with external data protection legal counsel consultants and others as required upon novel global data privacy and AI matters.
20. Utilising domain subject matter expertise & assists the DPO/GPO in the identification and implementation of continuous improvement plans/identifies key business improvements.
21. Implementing, monitoring and managing reports, audits, privacy enhancing tools and capabilities to deliver the compliance and evidence of compliance across Mace group.
22. Assisting with the build and implementation of a global privacy hub to deliver excellence across the organisation under the supervision of the DPO/GPO.
23. Providing performance management, technical development reports and analysis via BI reporting and SharePoint to assist the DPO/GPO in the management, reporting and monitoring of data privacy projects or initiatives, KPIs and goals against the agreed strategies, and managing these programmes as required by the DPO/GPO.
24. Working collaboratively towards the common goal of net zero carbon transition and share responsibility for the proactive identification and management of the associated carbon emissions and reductions during the delivery of work.
You’ll need to have:
25. Excellent organisational, administration, with persuasive communication skills and good time management skills.
26. Comprehensive knowledge of privacy laws and regulatory standards and guidance across multiple jurisdictions, including knowledge of data protection/privacy laws in the US, UAE and other relevant international jurisdictions
27. Previous experience of data protection at a medium to large organisation with global exposure across multiple jurisdictions.
28. Excellent analyst and technical skills, including report creation and writing, preferably with experience of BI reporting.
29. Be a seasoned privacy professional with a strong track record of implementing privacy programmes preferably, across multiple jurisdictions.
30. Takes ownership to complete responsibilities & deliver on commitments to deliver to agreed deadlines, handling multiple demands and competing priorities effectively.
31. Demonstrates enthusiasm to work with others and interacts well at all levels, sharing your expertise and knowledge with others
32. Uses data, data analysis or other evidence to support solution finding process.
33. Builds wide and effective networks inside and outside the organisation.
34. Strong presentation skills and be able to present clearly and confidently with your audience in mind.
35. You will need to be innovative and adaptable; not fazed by challenges and open to new ways of working.
36. Strong analytical skills - numeric, statistical and written detail.
37. Collaborative and inclusive - harnesses the power of the collective for impact/progress.
You’ll also have:
38. Additional international/national data protection qualifications such as CIPP/E (certified information privacy professional/Europe) qualified and IAPP (international association of privacy professionals) membership (or equivalent) or working towards.
39. Good technical skills, with a good understanding of digital technologies, data and IT.
40. Project experience within a GDPR or data team.
41. Used and familiar with privacy enhancing tools, or compliance tools (for example One Trust).
Mace is an inclusive employer and welcomes interest from a diverse range of candidates. Even if you feel you do not fulfil all of the criteria, please apply as you may still be the best candidate for this role or another role within our organisation.
We are also open to discussing part-time, flexible, and hybrid working options if suitable within the role.
#LI-Onsite