Why apply for this role?
Xcina Consulting, an award-winning Governance, Risk and Consulting practice, is expanding its data protection team due to increased demand. Are you an experienced, highly competent, and motivated data protection consultant / senior consultant looking for your next challenge?
This is an excellent opportunity for an ambitious individual and provides excellent prospects for growth within a dynamic and growing risk management consultancy.
The ideal candidate will be highly knowledgeable about data protection requirements such as the UK Data Protection Act 2018 and GDPR. The successful candidate will have a dual role delivering data protection consulting engagements and driving client opportunities within Xcina Consulting, reporting to the Senior Director, as well as managing the parent company’s (Shearwater Group) Data Protection Office, reporting to the Group Data Protection Officer and the Chief Executive Officer.
What you’ll be doing
- Fulfilling the role of Privacy Officer for the Shearwater Group.
- Maintaining and enhancing strategies and compliance frameworks and executing assurance programmes to ensure compliance with data protection and privacy laws and regulations.
- Performing DPIAs and Legitimate Interest assessments and maintaining the Group Companies’ Records of Processing Activities.
- Ensuring requests made by data subjects are handled appropriately.
- Developing, facilitating, and delivering training and awareness workshops.
- Being the go-to person on all data protection queries, providing expert input and advice.
- Providing management information on data protection and privacy to senior management.
- Liaising with relevant regulators, including the Information Commissioners Office, on behalf of the Group.
- Consistently advising clients on personal data governance, accountability, and risk management.
- Performing data protection and privacy consulting engagements, including audits, assessments and analyses based on deep knowledge and understanding of regulatory obligations, particularly with regard to data governance and privacy.
- Maintaining knowledge, keeping abreast of relevant regulatory developments and understanding how client activities may be impacted.
- Networking and sharing knowledge through public seminars and writing thought leadership articles relating to data protection best practices.
- Building strong relationships with prospective and active clients across the business and acting as their trusted advisor, helping them to secure their business and data.
What we’re looking for
- Must have at least one CIPM, CIPP/E, CIPP/US, CIPT, Certificate in Data Protection or Data Protection Practitioner.
- Minimum 5-10 years’ experience providing data protection and privacy consulting services.
- Wider technical knowledge of information security standards and best practices, including Cyber essentials and ISO 27001:2013, is desirable.
- Detailed knowledge of privacy and associated data protection laws and regulations, including the UK Data Protection Act 2018, the EU General Data Protection Regulation, Privacy and Electronic Communications Regulations (PECR) and associated legislation.
- Ability to translate regulatory requirements into pragmatic solutions tailored to the client’s business.
- A comprehensive understanding of the practical application of the legislation and official guidance relating to processing information and personal data.
- Ability to audit data management systems.
- Detailed knowledge of global data transfer mechanisms and controls.
- Experience supporting and developing team members.
- Able to develop and deliver guidance, advice and training on data protection and privacy requirements.
- Ability to build relationships with clients at all levels of the organisation and experience in managing client relationships.
- Strong communication skills, which are especially important in enabling effective communication with clients and colleagues.
- Strong presentation and writing skills, in addition to having technical knowledge.
- Prior experience in consulting would be advantageous.
What else you need to know
This role will be based in our London office (near Bank Station), client sites and remotely. Flexible working will always be considered.
What to do next
If this sounds like a role you’re interested in, then please apply on the link below.
In order for us to process your application further, please submit your details below and upload a
copy of your latest CV.