Information Compliance Manager (Data Protection)

We are working with a rapidly growing not-for-profit organisation, who are looking for an Information Compliance Manager to join a fast-paced collaborative environment. This is a chance to join an organisation passionate about changing lives. They are offering a competitive salary, benefits and hybrid working.

Responsibility

You will own the smooth day to day running of the compliance programme: –

• Managing the annual Compliance Calendar, scheduling information assurance monitoring, auditing, policy review, training, and other regular activities
• Managing Record of Processing Activities (ROPA) and working with departmental colleagues to ensure this remains current.
• Reviewing ROPA entries to identify high risk personal data processing activities requiring Data Protection Impact Assessment (DPIA)
• Conducting information assurance audits and producing high quality reporting
• Identifying non-conformance and elevated risk issues for escalation
• Ensuring excellent Compliance record-keeping by maintaining accurate, auditable records and logs across Compliance activities
• Contributing significantly to the success of the Data Ethics Group in engaging stakeholders to support a positive data culture.
• Supporting the Hoc in the co-ordination of data incident response
• Co-ordinating responses to data subject requests
• Ensuring the responsiveness of the Compliance Team to incoming enquiries and providing guidance on within-policy matters and procedures
• Advising colleagues on compliance with the company’s policies and processes
• Proactively identifying opportunities for improvement and working to operationalise agreed changes to procedures.

Essential

• Undergraduate degree or equivalent technical qualification(s)
• 2+ years relevant work experience in an operational information governance/ Data Protection/ compliance or similar role

Preferable

• Relevant Data Protection certification/ qualifications (professional or postgraduate) such as BCS/ISEB Data Protection Practitioner, IAPP CIPP/E or CIPM
• Foundational or above information security certification such as BCS CISMP or ISC2 CC
• Experience of working with an ISMS (Information Security Management System) v1.0 Information Compliance Manager January 2024
• ISO 27001 Implementer or Auditor certification
• Experience using a GRC platform or other Information Compliance-specific governance tools.

For further information, please apply.

Please note our advertisements use PQE/salary levels purely as a guide. However we are happy to consider applications from all candidates who are able to demonstrate the skills necessary to fulfil the role.

Please note that your personal information will be treated in accordance with our Privacy Policy.