Head of Data Privacy
Your new company
Hays Legal are delighted to be partnering exclusively with a highly successful International Company in Belfast in their search for a Head of Data Privacy.
Your new role
In your new role you will work closely with the business teams and assist them in the maintenance of security solutions and security best practices, with the aim of reducing Data Security risks to the company.
You will be responsible for the development of the Data Privacy framework, assessing the current elements and the operating environment to determine the data privacy risk. This assessment will support the development of a Data Privacy improvement programme.
You will be responsible for the ongoing improvements and maintenance of established security solutions, specifically relating to Data Privacy but may be called upon to support IT Security tools - supporting technical support teams.
You will also have an in-depth technical knowledge of Microsoft data security solutions and experience in implementing and maintaining them within an enterprise environment.
This includes the response to key monitoring and events which may compromise the network or its data. This should also include knowledge of RMS / DLP tools, deployment and ongoing compliance improvements.
Key Duties and Responsibilities
- Develop a data privacy programme to reduce the data privacy risk and enhance the data privacy resilience.
- Enhance data privacy policies, processes, procedures and technical controls to strengthen the data privacy capabilities and resilience.
- Take a proactive role in identifying data privacy risks, mitigations and opportunities to strengthen resilience to data privacy incidents.
- Participate in the design and implementation of systems and applications to ensure that proposed solutions comply with the company's IT policies
- Assist with security incident management and response activities
What you'll need to succeed
- Deep technical knowledge and experience in implementing and maintaining Microsoft Cloud Security solutions, Microsoft Azure Security technologies, including the broader areas of Microsoft Windows security and Microsoft Enterprise, Mobility and Security suite within an enterprise environment
- Comprehensive experience and in-depth knowledge of enterprise information security and standards including Cyber Essentials, ISO 27001, 27002 etc., the Data Protection Act and the General Data Protection Regulation, globally and including US Data Privacy.
- Strong experience in Information Security governance, risk and compliance
- As part of this role you must also lead the internal and external audit for ISO, BS10012 and any other standards the company meets to conduct its business. These should be aligned to a rigorous audit framework. Note - the ISMS Manager role maintains a dotted line into IT although the role is considered independent.
- Collaborating and Influencing cross functionally to achieve compliance and good standards, instilling good practice throughout the whole business
- Up to the minute advice regarding the ever changing "Threat Landscape" and data privacy laws globally
- Data Classification and Labelling input / reviews.
- Regional Data compliance and governance, for example specific data needing to remain in a specific country and be backed up within that region (marking this kind of data to restrict transit).
- Data privacy by design, helping to review new applications to ensure data privacy considerations are incorporated in the design / build of new applications.
- Pen Test input through scoping, post-test remediation mitigation advice / input - specifically giving advice to consider data privacy requirements
Data / Security Investigations
- As part of this role you will be called upon to conduct internal investigations following either a Security Incident or in response to a SAR request or internal HR request. You must therefore be confident in conducting investigations in line with PACE recommendations, as well as maintaining a need to know approach. Data Security investigations should be considered strictly confidential and for this the candidate must be willing to undergo security verification and NDA agreements.
- Crisis Management, to handle data breaches including acting as the point person, performing the investigation in collaboration with IT Security, concluding the investigation and following through with improvement actions and reporting to the leadership and the ICO if needed.
What you'll get in return
An excellent salary and leading package is on offer for you here, including:
- Car allowance £5K pa
- Healthcare
- Pension, 5% employee, 4% employer contributions
- Holidays 25 + 8 public holidays
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.