Job Title

Data Security Compliance Advisor12 Month FTC, Full TimeHybrid WFH and 1-2 Days in the East Grinstead OfficeBasic Salary 45,000-47,000 with excellent benefits including 25 Days holiday, Pension Scheme, Life Assurance, Private Health Scheme and family (AXA), Discounts on insurance products, are a wide range of retailers and service providers via the SMILE portal. Savings on fuel with My Esso Card Wellbeing allowance (150 a year). There is further assistance for work related training available. Eye Care Voucher Scheme, Employee Advisory ServiceReason for Vacancy WorkloadKey Tasks / Accountabilities:Be primarily responsible for the end-to-end process of fulfilling data subject requests made under the UK General Data Protection Regulation (UK GDPR), such as subject access requests and erasure requests, as well as requests for information from other organisations, such as law firms, law enforcement or government departmentsBuild on existing internal documentation and communications regarding the data subject request process so that:Other departments are clear about their responsibilities, andThe Data Security Compliance Team handles requests in the most structured, efficient and cost-effective manner possible, while complying with UK data protection legislation and meeting legal deadlinesWork with members of the team on the development and integration of tools involved in the data subject request process, such as the OneTrust Privacy Rights Automation module and other internal platformsShare the responsibility to conduct reviews of existing assessment and accountability processes and work with business stakeholders to create new ones where required. Assist with the recommendation of improvements to achieve compliance and reduce risk and help to ensure the delivery of agreed recommendations. Examples of processes are:Data Protection Impact Assessments (DPIAs)Legitimate Interest Assessments (LIAs)Legal Basis for Processing ChecklistsRecords of Processing Activities (ROPA)Assist with the optimisation of the above record, list and assessment processes and the continual improvement of associated documentationContribute to the application of organisation wide processes such as Data Protection by Default and by Design, working with business teams and the IS department as necessaryAssist in the refresh and communication of the organisation's Data Security Policy setContribute to the development and execution of data protection and data security training, awareness campaigns and eLearning training rolloutsSupport the Data Protection Officer in ensuring the importance of data security compliance is appropriately communicated across the organisation by assisting with the production of communications as well as articles and guidance for the teams intranet presenceAssist with the production of well written and carefully considered advice and guidance in response to data protection and data security enquiries, both internal and externalBe willing to take on ad hoc challenges and find solutions for implementationRepresent the team in meetings and for projects and initiatives, where requiredAttend industry events, conferences and seminars to keep up to date with the threat landscape and any upcoming legislative changeEssential Skills & Experience Required:Strong knowledge and experience of current and upcoming UK data protection law, e.g. the UK General Data Protection Regulation (UK GDPR), Data Protection Act 2018, Privacy and Electronic Communication Regulations (PECR) and familiarity with guidance published by the Information Commissioners OfficeOne or more recognised data protection qualifications, e.g. UK GDPR Practitioner, CIPP/E, CIPMExtensive experience of fulfilling data subject requests made under the UK GDPRExperience of working in a team where providing guidance and advice about UK data protection law to internal and external stakeholders is a primary focusProven experience in handling confidential and sensitive informationFirst rate planning and organisation skills with the ability to manage conflicting priorities while meeting tight deadlinesMust have the ability to work well under pressure while maintaining discretionAbility to work with minimum supervision, as well as collaboratively and flexibly with others to achieve team objectivesExcellent written English coupled with clear and articulate verbal communication skillsMethodical, with a high attention to detail and accuracyHighly motivated and focused with a desire to help, use initiative and add valueConfident general IT skills, ideally primarily with use of Google Workspace and Adobe Acrobat Pro (see below) but as a minimum, with Microsoft Office / O365 software suitesDesirable Skills & Experience Required:Highly proficient use of Google Workspace (Gmail, Drive etc), Microsoft Office (Outlook, Word and Excel in particular) and use of the redaction tools and other key features in Adobe Acrobat ProFamiliar with information security best practice, e.g. ISO 27001, Cyber EssentialsAwareness of payment card industry standards and requirements, i.e. Payment Card Data Security Standard (PCI DSS)To apply to this role of Data Security Compliance Advisor please send your CV. Closing date for applications is Wednesday 26th March.Due to the volume of applications we are only able to contact successful applicants. Therefore if you have not heard from us within 10 working days please deem your application as unsuccessful on this occasion.Membership Bespoke is acting as a recruitment business in relation to this role. Membership Bespoke positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity.Membership Bespoke is the most experienced membership-focused recruitment firm in the UK, with 10+ years of experience delivering tailored permanent, temporary, interim, and Executive Search recruitment solutions to Trade Associations, Regulatory Bodies, Political Parties, and Professional Bodies.