Description Reporting to the Assistant Director, Information Governance you will lead on responding to information rights requests and fulfil the role of the Data Protection Officer - a key role within SFC. You will work in close partnership with senior leaders, including the Senior Information Risk Officer and Chief Information Officer, supporting the Assistant Director to deliver the Information Governance Framework and leading on associated activities. As an experienced Information Rights and Data Protection practitioner, you will be skilled in dealing with sensitive, complex information at pace, building trusted relationships with colleagues across SFC, and you will exercise good judgement in responding to information rights requests. You will be expected to work flexibly across the responsibilities of the information governance team, stepping in to provide cover and support when required to ensure deadlines are met. A keen understanding of the strategic context within which the SFC is working will be key to success in this role. Key Responsibilities Leading the response to information rights requests, providing advice to colleagues across SFC, ensuring legal compliance with relevant legislation. Provide an efficient and effective senior contact point for queries in relation to information rights and data protection including complex ones. Ensure staff fully understand their responsibilities within data protection legislation and information rights and follow relevant processes, evidenced through reporting and auditing. Promote an information governance culture and an understanding of data protection compliance throughout the organisation. Inform and advise SFC staff, including senior leaders, about their obligations to comply with the UK GDPR and other relevant data protection laws taking into account the nature, scope, context and purposes of the processing. Develop and maintain effective coordination and liaison with our stakeholders and external partners. Identify opportunities to improve ways of working within Information Governance and implement positive change. Manage and advise on internal data protection activities, for example supporting colleagues to deliver Data Protection Impact Assessments and Data Sharing Agreements. Develop and maintain SFC’s Records of Processing Activities (RoPA) to ensure that it is accurate and regularly reviewed and information asset owners understand their responsibilities. Co-ordinating with Information Governance colleagues, assess and respond to personal data breaches, including reporting to senior management and the ICO as required. Identify and implement improvements to data protection and information rights compliance based on user requirements and best practice. Contribute, make recommendations and report to the Information Governance Oversight Group on data protection and information rights development and compliance, including risks, trends, good practice, mitigation, and training. Monitoring SFC’s compliance with the UK GDPR and other data protection laws and with our data protection policies, raising awareness of data protection issues, training staff and conducting audits. Being the first point of contact for the ICO and for internal and external stakeholders, including data subjects. Support the formulation, implementation and regular review of policy and guidance to ensure that data protection and information rights policies meet all relevant legislation and best practice. Skills, Knowledge and Expertise Essential Skills, Qualifications, and Experience Experience of leading and working within data protection and information rights and evidence of supporting an organisation in its compliance with relevant legislation. An excellent understanding of the legal and regulatory landscape of all aspects of information governance (freedom of information, records management, information security for example) and how they apply to this role. Evidence of personal commitment to continuous professional development relating to relevant legislative changes and best practice. Ability to demonstrate good judgement when analysing and responding to complex issues. Excellent oral and written communication skills, including experience of drafting reports, policies, procedures, communications to staff (with varying degrees of expertise), and responses to information rights requests. Excellent interpersonal skills, including the ability to build effective relationships, work collaboratively and take account of others’ perspectives. Ability to work autonomously, take ownership of work, and prioritise tasks and time appropriately. Excellent organisational and planning skills, including the ability to work calmly and at pace and the flexibility to manage a diverse range of priorities. Qualified to SCQF Level 9 (Degree) or equivalent experience. Desirable Skills Experience of performing the Data Protection Officer role, preferably in a public sector context. Experience of enhancing the information governance culture in an organisation, preferably within a public sector context. Benefits Normal full-time hours of work are 35 per week. We will consider flexible working arrangements. A flexi-time system is in operation. Annual leave entitlement of 26.5 days pro-rata, rising to 30 days pro-rata after 2 years’ continuous service. Public and privilege holiday entitlement of 13 days pro-rata. A flexible approach to hybrid working, giving you flexibility to work from home anywhere in the UK for some of the time while also maintaining regular in-person contact with colleagues. Annual pay review: approved within the framework of the Scottish Government’s Public Sector Pay Policy and negotiated with our recognised trade union, Unite. Salaries are reviewed annually in April for employees who commence employment prior to 1 October in the preceding year. Eligibility to join the Civil Service Pension Scheme. Support for continuous professional development. Support for health and wellbeing, including generous occupational sick pay and access to occupational health support. We provide support to SFC employees with Volunteering Days. Support for travel to and from work. About Scottish Funding Council We are the Scottish Further and Higher Education Funding Council, more commonly known as the Scottish Funding Council (SFC). We are Scotland’s tertiary education and research authority and our purpose is to sustain a world-leading system of tertiary education, research and innovation that enables students to flourish, changes lives for the better, and supports social, economic and environmental wellbeing and prosperity. We do this by investing around £2 billion of public money to deliver: Tertiary learning and teaching. Skills and apprenticeships. Student support and participation. Research, innovation and knowledge exchange. Data collection and dissemination. National quality assurance and enhancement processes. Capital and digital infrastructure for the sector. Strategic change, responsive provision and research priorities. As a non-departmental public body established by the Further and Higher Education (Scotland) Act 2005, we are directly accountable to Scottish Government Ministers and the Scottish Parliament. We work across many government portfolios and are sponsored by the Lifelong Learning Directorate. You must already be eligible to work in the UK to apply for these roles. We are pleased to support applications from everyone regardless of age, disability, race and ethnicity, socio-economic background, gender, sexual orientation, sex, gender reassignment, marital or civil partnership status, pregnancy or maternity, religion or belief.