Head of Data Protection & Compliance
About the Role
We are working with a large and rapidly growing Customer Contact Centre operation to recruit a Head of Data Protection and Compliance.
The role is primarily concerned with providing oversight, advice, guidance and leadership across the company on all aspects of Data Protection and regulatory compliance risks including FCA, OFCOM, OFGEM.
Reporting to the CEO, the role will lead the strategic development of all data protection and regulatory compliance arrangements for the company, providing assurance and oversight of risks and issues. The post holder will act as CF28 (Systems and Controls) approved person with the FCA.
A background in leading Compliance within a heavily Customer orientated and Customer Data organisation is key (Financial Services / Retail / Energy / Automotive / Insurance etc.).
Working across multiple sites (in and out of the UK) the successful individual will grow a Compliance team and will have the following main responsibilities:
- To provide subject matter expertise for all data protection related activities.
- Responsible for ensuring appropriate Data Sharing contractual agreements with clients and suppliers
- Work with key stakeholders responsible for management of data protection risks, such as the Group IT director, to ensure that systems and controls for compliance with GDPR and DPA 2018 are in place and effective
- Maintain a record of all data processing activities and categories of data
- Support the delivery of an effective Information Security Management System
- Oversight of systems and controls including annual review of compliance policies
- Horizon scanning, and communication of regulatory change and requirements
- Lead implementation of regulatory changes such as SMCR
- Identify and escalate regulatory risks to the Board
- Devise and maintain an enterprise level risk identification and assessment process and embed this within the business
- Chair exec team risk review meetings, providing effective reporting of risks over appetite and tracking actions to ensure risk treatment and mitigation activities are effective
- Support all other compliance related activities such as OFGEM, OFCOM and ISO accreditation
The organisation is in the process of expanding rapidly, and as such progression and development is highly probable.