Data Privacy Advisor

We are looking for an experienced Data Privacy Advisor to provide Data Privacy advisory support across BX COO (Chief Operating Office) & Functions within the Data Privacy Advisory team in the BX Chief Data Office (CDO).

Candidates will be required to work from the office in central Glasgow 37.5 hr week, working on a hybrid basis.

Key responsibilities as an Data Privacy Advisor:

• Serve as a Data Privacy SME and advisor for the client Business and accountable Business Senior Manager(s).
• Fulfil responsibilities aligned to the Data Privacy roles and responsibilities and advise the Businesses in line with relevant client-wide policies and standards related to Data Privacy in accordance with the client strategy and governance framework.
• Ensure Data Privacy is considered in new product approval and technology change processes and provide check/challenge in relation to new business propositions in relation to Data Privacy key risks to ensure that any risks are identified, and appropriate mitigating actions taken
• Collaborate with the Data Privacy Governance team to ensure that Data Privacy related incidents, breaches, and risk events are appropriately reported, recorded, and monitored at the relevant governance fora.
• Effectively maintain key stakeholder relationships and work closely with the Head of Data Privacy, Data Privacy leads in each Business vertical, Data Privacy Compliance, and other Data stakeholders.
• Inform the development of training to upskill DP functional leads in verticals, operating in a partnership role to upskill the wider population ensuring awareness of actual and emerging data privacy issues, themes, and risks.
• Input into the annual privacy notice(s) and Records of Processing Activities (RoPA) updates.
• Responsibility for identifying, assessing and controlling the risks associated with transferring Personal data to a different jurisdiction.
• Provide input into or measure, as appropriate, conformance, assurance, and reviews from the perspective of Data Privacy within the Businesses, such as verification checks or monitoring reviews.
• Respond to ad hoc and critical DP control and governance requests and work on various projects and initiatives to ensure that an appropriate control lens is provided.
• Oversight of data privacy related incidents, issues, and control gaps, working with issue owners to ensure that analysis is undertaken for control weaknesses to be identified and remediated and be responsible for all subsequent change activities

The ideal applicant will have following skills and experience:

• Certifications in one or more of the following disciplines: data privacy, legal, compliance information risk or information technology would be useful.
• Professional Privacy Certification from the International Association of Privacy Professionals (e.g., CIPP /E) or equivalent is preferred.
• BCS qualification in Data Protection.
• Relevant knowledge with proven experience in data protection regulations in the UK and / or across the rest of the World (US, APAC & European regions), preferably in the financial services industry.
• Previous Business, Compliance or Legal experience is preferred but not required.
• Strong technical and regulatory knowledge in the areas of Data Privacy.
• Experience with handling and information control and management of data breach or technology related incidences is also an advantage.
• Experience with privacy impact assessments and privacy risk and control assessments.
• Understanding of Data Privacy related issues that arise in relation to the use of enterprise-wide technology (e.g., outsourcing, technology).
• Experience with conformance testing, reviews, and assurance.

If you are successful and offered an opportunity, we will need to carry out pre-engagement screening, this will usually include a DBS Check, Credit Check, and references from previous employers.