Data Privacy Manager

Salary: competitive

Dealing with a variety of stakeholders:

• In-House Counsel lawyers, Information and IT Security, Enterprise Risk and Internal Audit, IT, HR, Project Management Office and broader Business Services teams

• The role is positioned within the General Counsel & Risk team as part of their global risk and compliance function
• The individual will be the senior lead in privacy, will develop the firm's data privacy strategy alongside the Leader of the In-House Counsel team and then lead the implementation of the global privacy programme

The responsibility of this role will be across the firm globally including:

• Developing, managing and implementing global data privacy policies, standards, guidelines and procedures including updating intra-group transfer agreements

• Understanding the firm's activities in the collection, processing, access, ownership, location, cross border transfers and destruction of personal data and controlling the data map
• Leading and managing the DPIA process including risk assessing new systems, processing and suppliers, working with project owners and IT Security
• Maintaining an incident register

• Developing new content and methods for data protection education and awareness
• Advising senior business services managers on the key privacy risks the business faces both now and in relation to new services and products.
• Leading privacy programmes in all offices/regions, engaging with senior business services managers as needed.

• Lead and manage privacy concerns in client audits
• Undertaking privacy compliance reviews of specific offices and business services functions
• Supporting internal audit on data protection processing and activities and responding to internal and external audit findings.

• Providing (sometimes alongside In-House Counsel) data privacy advice to the business on all new processes and projects globally involving privacy issues. This can cover client matters or new firm projects

• Degree educated (technical degree or law degree preferred)
• We would expect the successful candidate to have a minimum 3 years' experience in data privacy, data governance, and information security but may consider those with less experience providing they can demonstrate they meet the required competencies
• Strong knowledge of the GDPR
• Good awareness of data protection in other jurisdictions
• Able to liaise effectively with both lawyers and IT staff
• Ability to identify and analyse data protection risks and controls.
• Experience of drafting and monitoring adherence to policies, processes and general advice
• Working knowledge of a broad range of IT issues, technologies, standards (especially ISO 27001), control frameworks and good practice
• Adaptable, diligent and works with initiative
• Strong internal relationship builder.

#dataprivacyjobs, #legaljobs, #dataprivacymanagerjobs, #dataprivacyjobslondon

About Brimstone Consulting: We specialise in finding highly qualified staff in the following areas:
Forensic Accounting & Fraud - (AML/CTF, Investigation, CFE’s etc.); Legal and LegalTech (E-Discovery, Digital Forensics, EDRM); Big Data and Data Analytics- (MI/BI/CI);InfoSec and Cyber Crime; Audit; Accountancy and Finance; FinTech (Payments etc.);Risk - (Credit, Regulatory, Liquidity, Market, Analysts-SAS, SPSS etc.);Compliance/Corporate Governance ;IT- (full SDLC- BA’s PM’s , Architects, Developers etc.);

Brimstone Consulting acts as an employment agency (permanent) and as an employment business (temporary) - a free and confidential service to candidates. Brimstone Consulting is an equal opportunities employer. Due to time constraints we can only reply to applicants that match our clients’ specifications. We may store applications in our cloud storage facilities that may include dropbox.