Data Protection Officer

  • Job Reference: JO0000003689
  • Date Posted: 22 November 2022
  • Recruiter: Ryder Reid Legal
  • Location: City of London, London
  • Salary: On Application
  • Sector: Risk & Compliance
  • Job Type: Permanent
  • Work Hours: Full Time

Job Description

Fantastic opportunity for a Data Protection Officer to join the London office of a modern and forward-thinking global law firm on a permanent basis. The Data Protection Officer will manage and oversee compliance of all Privacy, Data Protection and Data Governance processes for the firm.

Key responsibilities for the Data Protection Officer will include:

  • Responsible for management of the firm's data privacy program.
  • Responsible for evaluation of the risk associated with potential personal data loss due to unintended disclosure.
  • Oversee the "privacy by design" and data protection activities of the firm related to internal operations and client engagements.
  • Identify the need for, and help co-author, any necessary privacy policies, processes and standards.
  • Review privacy terms for client and third-party agreements. Align operational compliance.
  • Implement procedures to ensure that third parties engaged by the firm are compliant with the firm's privacy standards.
  • Conduct Data Privacy Impact Assessments (DPIAs) on high-risk new systems, applications, workflows and third-party engagements, as appropriate.
  • Develop recommended action plans as a result of DPIAs where necessary and appropriate.
  • Respond to Data Subject Access Requests (DSARs) on behalf of the firm and coordinate their resolution.
  • Prepare and maintain a high-level "enterprise personal data map" which includes firm-managed and third-party-managed personal information.
  • Define information and privacy data management framework, policy, procedures and work instructions in partnership with lawyers, IT, practice support, and administrative departments.
  • Plan and execute periodic privacy data audits to evaluate the health of prioritized enterprise data and facilitate remediation of personal data issues and defects.
  • Ensure continued compliance with the firm's ISO27701 privacy certification.
  • Educate firm employees about the firm's data privacy compliance responsibilities and obligations by designing and implementing training plans, to include information on the processing and controlling of data.
  • Track and monitor updates and developments to applicable data privacy law and regulation and make program and training changes and recommendations accordingly.
  • Act as primary point of contact within the firm for members of staff and attorneys on data privacy matters, and as point of contact for relevant data protection authorities.
  • Work collaboratively with the CCO, CIO, CISO, and firm management on all data privacy issues.

The ideal candidate for the Data Protection Officer position will have solid experience within compliance, privacy or a related field. You must have extensive knowledge of privacy regulations within the US, Europe and Asia including, but not limited to, GDPR. You must have the Certified Information Privacy Professional (CIPP) or Certified Information Privacy Management (CIPM). Certification from the International Association of Privacy Professionals (IAPP) is beneficial and Certified Information Privacy Technologist (CIPT) is a plus.

If you fit the above description, then please contact Ryder Reid for immediate consideration.