Privacy Analyst

About ISG

ISG is a dynamic global construction services company.
We have had a hand in some of the world's most impactful and recognisable places, but our legacy is about far more than buildings. Across Europe, the Middle East and Asia, we deliver places where people and businesses make memories, forge new experiences, and reach their goals.
In short, we deliver the places that enable people and businesses to thrive.

Job Purpose

Role purpose

Great opportunity for a Privacy Analyst to join our team based from the Ipswich office one a day a week and four days working remotely with the occasional travel.

Reporting into ISG's Data Protection Officer, the Privacy Analyst is required to assist the data protection team in their remit to ensure the global business is compliant with all aspects of data protection regulations in the countries that ISG operates in. The role requires strong communication skills, as there will be a need to work with colleagues at different levels of the organisation, from both an on-site/project and Enabling Department perspective.

The role is office based (with some flexibility on exact location) but some travel to ISG offices (particularly Central London and the other regional offices) and to a lesser extent project sites in both the UK/overseas may be required from time to time.

Key accountabilities

• Analysis of the business needs of stakeholders and applicable regulations; in conjunction with the Data Protection Officer, provide relevant internal advice, using a risk-based approach.
• Gather and compile information on ISG's business and supply chain practice, capturing what processing is undertaken, where/purpose, what risks such processing may present, and maintaining records/registers of such activities.
• Collaborate with stakeholders to determine privacy requirements and clearly identify what data protection risks are present for any given business activity.
• Under the guidance of the Data Protection Officer, conduct Data Protection Impact Assessments (DPIA) to help ISG and its partners make appropriate business and technology change decisions; ensuring they are produced to a high quality, and that risks are correctly identified and then tracked through to mitigation. Support other colleagues from both Business Units/on-site project teams and Enabling Departments in completing DPIAs, as required.
• Take a proactive approach to keeping up to date with changes in data protection regulations to ensure the data protection team aligns their advice with current guidelines and best practice. Commitment to continued learning and professional development, remaining current with changing legislation both in the UK and internationally that could impact the business.
• Work with the ISG's Risk, IT Security, Business Change, Compliance and Internal Audit teams on the information governance agenda.
• Assist with Data Subject Access Requests (DSAR), identifying scope, eliciting relevant data from multiple sources, and redacting confidential/unnecessary information, as necessary.
• Support the overall compliance program through a variety of tasks, including but not limited to; scoping and planning the delivery of risk mitigation activities, compliance analysis, document control, maintaining trackers for the DPO, researching policy updates, supply chain compliance and progress reporting.
• Coordinate the review of contracts, agreements and Terms and Conditions to ensure that they are compliant with data protection legislation.
• Participate in the maintenance of the data protection framework through measures such as project planning, document control, policy updates, maintaining records and registers, conducting supply chain checks, and reporting.
• Audit processes, practices and documents to identify weaknesses and implement any required mitigations or improvements. The postholder may be required to work in parallel with ISG's Business Assurance (Internal Audit) team with regard to the auditing of existing data protection processes and play a part in the recommended risk mitigating actions.
• Liaise with ISG's external advisers, at the request of the Data Protection Officer, or to stand in for the Data Protection Officer from time to time. The postholder may also be required to attend other senior forums from time to time, including the Risk Committee, Business Change Board, Data Governance Committee or Serious Incident Group, in support of the Data Protection Officer and/or Company Secretary.
• Assist the Data Protection Officer in developing and potentially taking part in the delivery of data protection training to various internal stakeholders.

What's in it for you?

• Ongoing career development and accredited learning

• Annual recognition and values awards

• Global employee assistance program

• Pension scheme

• Life assurance

• Private healthcare including private GP service and mental health pathways

• As part of our wellbeing offering, ISG offers a monthly wellbeing allowance

• Cycle to work scheme

• Electric vehicle salary sacrifice scheme

• Industry-leading family friendly policies (39 weeks maternity leave and 8 weeks paternity at full pay)

• Volunteer day

• Discounts such as cinema to ensure you're still loving ISG even when you leave the office

• Most Friday's are a 4 pm finish providing work is completed for the week

• Your work-life balance really matters to us, so in addition to your holiday allowance we have a You Day to allow you to take an extra day off to celebrate a special event, spend time with your family or just do something that will make your life easier or more enjoyable

• Thriving networks including I-NOW (Women's Network), Race and Faith, LGBTQIA+, Armed Forced Covenant and the menopause working group, everyone's invited

If you'd like to speak to the Talent Acquisition team, please contact tateam@isgltd.com below for more details.