Job Description
Background
The Data Protection Act 2018 established a new Data Protection Commission (DPC) on May 25, 2018. The DPC is Ireland's national independent supervisory authority, responsible for upholding the fundamental right to personal data protection.
The DPC's powers, functions, and duties derive from the Data Protection Act 2018, General Data Protection Regulation, Law Enforcement Directive, and Data Protection Acts 1988-2003. This includes giving effect to the Council of Europe Convention 108.
The DPC uses its statutory powers to:
* Examine complaints about potential data protection law infringements.
* Conduct inquiries into data protection legislation breaches and take enforcement action when necessary.
* Promote public awareness of their rights under data protection law.
* Drive improved awareness and compliance with data protection legislation through high-quality guidance and proactive engagement.
* Assist organizations in identifying risks to personal data protection and offer guidance on best practices to mitigate those risks.
* Cooperate with other data protection authorities and act as Lead Supervisory Authority at EU level for organizations with their main EU establishment in Ireland.
Mission
The DPC's mission is to uphold consistent data protection law application through engagement, supervision, and enforcement, while driving compliance with data protection legislation.
Data Protection Commission
The DPC safeguards individual data protection rights and provides clarity for regulated organizations by:
* Educating stakeholders on their rights and responsibilities.
* Taking a fair and balanced approach to complaint handling.
* Communicating extensively and transparently with stakeholders.
* Participating actively at European Data Protection Board level to achieve consistency.
* Cultivating technological foresight in anticipation of future regulatory developments.
* Sanctioning proportionately and judiciously.
* Retaining and amalgamating expert staff capacities to ensure operational effectiveness.
Vision
The DPC aims to be an independent, internationally influential, and publicly dependable regulator of EU data protection law. It will regulate with clear purpose, trusted by the public, respected by peers, and effective in regulation.
The Positions
There are two immediate vacancies for Senior ICT Technologists within the DPC:
* Senior ICT Regulatory Technologist
* Senior ICT Cybersecurity Technologist
Senior ICT Cybersecurity Technologist
This role involves providing leadership and technical authority on cyber security and security technology matters. Key responsibilities include:
* Managing workload and performance to ensure timely completion of projects and documentation.
* Providing proactive cyber and security technology solutions.
* Leading and being responsible for cyber security, security technology, and strategic initiatives.
* Supporting the delivery of the technical roadmap and planning for future upgrades.
* Evaluating current processes, making recommendations, and implementing approved changes.
* Working closely with other DPC teams to deliver secure quality services.
* Developing structures and processes for efficient operation.
* Continuous self-education in matters relating to the position.
* Coordinating national, EU, and international engagement related to cyber security.
Senior ICT Regulatory Technologist
This role involves developing the Unit's function in line with best practices, standards, and the DPC's Regulatory Strategy. Key responsibilities include:
* Regularly engaging and collaborating with technologists across the organization.
* Engaging and collaborating with legal experts within the DPC.
* Providing a knowledge center for the DPC on regulatory matters.
* Briefing Commissioners on novel technological concepts.
* Documenting work according to policies and procedures.
* Acting as a technology authority to provide advice to business units.
* Attending and contributing to topical matters at an EU level.
* Performing desktop and on-site research, audits, and inspections.
* Reporting effectively and promptly to the head of unit or other units.
Eligibility
Essential Requirements:
* An ICT-related degree or equivalent qualifications at NFQ Level 7 or above.
* Minimum 3 years' experience working in a similar ICT role or roles to include technology advisory, cyber security, or as deemed relevant by the panel.
Desirable Requirements:
* Experience of successfully working in a regulatory environment.
* Significant management experience at an appropriate level, including leading teams and managing stakeholders.
* Significant experience in some or all of the following: data protection analysis and guidance, regulatory/investigatory work, data protection legal and policy areas, people management, project management, managing budgets, delivery of programs, strategic and change management.
Core Competencies:
* Leadership
* Analysis and Decision Making
* Management and Delivery of Results
* Interpersonal and Communication Skills
* Specialist Knowledge, Expertise, and Self-Development
* Drive and Commitment to Public Service Values