Data Protection Analyst (VA473)

We are seeking a Data Protection Analyst to take responsibility for ensuring adequate oversight of data, governance and ensuring the firm remains compliant with internal policies and the data protection regulations that apply across the Carey Olsen Group, and to carry out data protection related tasks as directed by the Information Risk Analyst or Group CISO.

This role can be based in one of our Guernsey, Jersey or Southampton offices.

Principal duties

• Assist with the coordination of the Group's data protection activities
• Analyse data processes and flows to identify potential risks and areas for improvement
• Provide the first point of contact for recording and coordinating the response to reported data breaches, escalating as needed to the CISO
• Monitor and provide reporting that evidences compliance with data protection laws, group security controls, and internal operating procedures of any outsourced data processors
• Support the development, implementation, and maintenance of data protection policies, procedures, and controls, and advise on data protection and privacy risks
• Provide advice and support to business stakeholders regarding data protection impact assessments.
• Support the timely processing of data subject access requests
• Assist with the coordination of an education program for the Group and its employees to facilitate adherence to relevant data protection regulations
• Maintain records of all data processing activities undertaken by the Group, including the rationale and purpose of all processing activities, which must be made public on request
• Ensure effective internal communication to facilitate ongoing employee engagement
• Collaborate with technology and other business teams to maintain appropriate data privacy practices.
• Ensure data processing records are kept up to date
• Ensure timely maintenance of data protection registrations

Experience

• Experience with data projects and a solid understanding of the requirements of data protection and risk management
• Strong knowledge of the Data Protection Regulations
• Experience supporting and reviewing data protection impact assessments (DPIAs) and managing data risks and incidents
• Knowledge of best practices in data governance and compliance
• A strong interest in data protection and a desire to learn is essential.
• Professional certifications in data protection (e.g. IAPP) are desirable but not essential

​Click on "Apply for this job" to submit your CV.