Reporting to / Director of Information
Employees reporting to role / Data Protection Assistant & Information Security Manager
Financial Responsibilities / n/a
Purpose of Job / The Data Protection Officer willbe responsible for the development of data protection and global information security compliance throughout the Commission
Key responsibilities and accountabilities
General
- Develop and execute a privacy/data protection framework for the Commission. This includes identifying areas of non and partial compliance across the organisation, particularly in relation to GDPR
- Ensure compliance with all related privacy and data protection regulations by developing the relevant policies, standards and guidelines to support the new privacy/data protection framework and tomonitor the Commission and its employees’ compliance.
- Develop a global standard which reflects the Commission’s objectives on information security and ensures that its most sensitive areas are protected.
- Enable the effective use of the Commission’s information and promote data protection and information security awareness by providing training and guidance materials to all staff around the world.
- Ensure all information access requests are handled within the statutory time limit.
- Inform and advise Commission employees who carry out processing, of their responsibilities and obligations under current and future legislation and support business teams in understanding their obligations under data protection legislation to meet user and information management needs.
- Provide assurance that personal information across the Commission is managed in compliance with current and proposed Data Protection legislation and policies.
- Report risks and data breaches to your line manager and the ICO when appropriate.
- Benchmark and assess current Data Protection practice against industry standards and best practice.
- Ensure the Privacy Impact Assessment process is adhered to and remains relevant and current
- Sets and delegates the performance standards required of staff, identifies development needs, ensures members of staff, at all levels of the organization, receive the training and coaching required.
- To implement the Commission’s EU General Data Protection Regulation strategy throughout its European offices and other locations and to oversee the smooth running of Information Security policies.
- Contribute to corporate projects, tasks and working groups as required / directed
- Manage the information risk register and ensure input to the corporate risk register with respect to information security and data protection
Key contacts and relationships
- Responsible to the Director of Information
- Senior Management Team
- Area Directors
- Responsible for the relationship between the Commission and relevant statutory bodies with respect to data protection
Knowledge &qualifications/experience required
- Degree level of education in a relevant subject or equivalent standard of experience
- Hold or be working towards a qualification e.g. Practitioner Certificate in Data Protection
- Up to date knowledge of the industry and its ongoing development areas
- Expert knowledge of compliance within the UK and the EU, in a complex organization as well as the ability for interpretation of specific regulation and legislation (Data Protection Act, EU General Data Protection Regulation, ISO27001, PCI DSS, legislation/regulation and guidance)
- Practical and demonstrable achievement in linking information and data protection strategies, policy and implementations to organisational outcomes
- Experience of managing a team
- Experience in delivering projects in a multi-disciplinary and multi-cultural environment
Competencies & Key Skills (functional/technical)
- Excellent written, oral and interpersonal communication skills
- Excellent leadership and team building skills
- Strategic thinking
- Strong planning and organising skills with the ability meet deadlines
- Proactive and innovative
- Team building skills
- Excellent negotiation and influencing skills
- Ability to make decisions and take responsibility
- Strong analytical skills and with good attention to detail
- Willingness to travel including to overseas locations
- Full UK driving licence
Date of Preparation1
April 2017