Data Protection and Information Governance OfficerJoin to apply for the Data Protection and Information Governance Officer role at South Dublin County Council.Aside from the exciting range of opportunities to make a real difference to your community and county, South Dublin County Council is a great place to work and for many people already provides an attractive career and working environment. Working for South Dublin County Council will give you the opportunity to gain experience at the heart of local government and to develop your career in a diverse work environment. We recognise the value of our employees, can offer a diverse range of job and career options, can provide plenty of scope for career progression and can provide structured training and personal development. We also offer flexible working arrangements including blended working arrangements, a positive work environment, training and development opportunities, a defined career path and the opportunity to make a difference.The roleSouth Dublin County Council invites applications from suitably qualified persons for the role of Data Protection and Information Compliance Officer. This is a leadership role in the organisation offering the opportunity to work in a fast-paced, dynamic environment as a multiple service provider.South Dublin County Council processes a large volume of highly sensitive personal data daily to deliver the range of local authority services to citizens across the county. In doing this, the Council must ensure that it has adequate organisational and technical measures in place to develop a fit-for-purpose operating model for data protection and information compliance within the organisation, to ensure the rights of service users are respected and any privacy risks are minimised.The person holding this role has primary responsibility for overseeing the Council's Data Protection and Information governance framework to ensure the Council is compliant with legal and regulatory requirements and adopts principles of good corporate governance in relation to data protection and information management.Working as a member of the Council's Corporate Services team, the person appointed will effectively oversee and manage all aspects of information management and data protection governance and will have specific responsibility for the role of Data Protection Officer for the Council.The successful candidate will work with all sections in the Council to establish and maintain effective corporate and departmental processes and systems to ensure all information handled and processed by South Dublin County Council is managed in line with the Council's policies, procedures and relevant legislation and regulation.The Post Holder Will Take The Strategic And Operational Lead For Compliance With Corporate Governance Standards Within The Organisation In The Areas Of:Information GovernanceData ProtectionRecords Management and RetentionFreedom of InformationAccess to Information on the EnvironmentThe office is whole-time, permanent and pensionable. A panel will be formed to fill permanent and temporary vacancies. Persons employed will be required to work in any location within the South Dublin administrative area.Salary€59,417-€60,871-€62,568-€64,271-€65,974-€67,495-€69,054-€70,563-€72,069€74,649(1stLS1)-€77,243(2ndLSI).Hours of WorkThe successful candidate's normal hours of work will be 35 hours per week. The Council reserves the right to alter your hours of work from time to time.Annual LeaveAnnual leave entitlement for this position is 30 days.Only applications received electronically through the Council's e-Recruitment system will be accepted and must be received no later than midnight on Thursday, 10th April 2025.QualificationsCharacterCandidates will be of good character.HealthEach candidate must be in a state of health such as would indicate a reasonable prospect of ability to render regular and efficient service.Essential Education, Training, ExperienceHold a relevant third-level qualification in Data Protection, Information Compliance or Records Management.A minimum of three years' experience in the area of data protection, data management, audit risk management or compliance.Desirable Education, Training, ExperienceAre a self-starter, with strong attention to detail and with an ability to work on their own and with others.Have strong organisational, project management, and multi-tasking skills.Have ability to work closely with peers and build strong partnerships with key stakeholders.Possess excellent ICT skills.Have experience in national and European data protection laws and practices including an in-depth understanding of the General Data Protection Regulation (GDPR).Have an understanding of information systems, data security and data protection.Have experience of successfully managing information management projects from initiation through to implementation.Understand the legislative background affecting the local government sector and of the processing operations carried out in that environment.Have experience working with third-party organisations, such as regulators, auditors or legal agents to resolve issues.Have strong communication skills with the ability to communicate clearly at both business and technical level and have strong presentation and influencing skills.Key Competencies / SkillsManagement and ChangeThink and act strategically.Develop and maintain positive, productive and beneficial working relationships.Effectively manage the introduction of change and demonstrate flexibility and openness to change.Delivering ResultsContribute to the development of operational plans and lead the development of team plans.Plan and prioritise work and resources effectively.Establish high quality service and customer care standards.Make timely, informed and effective decisions and show good judgement and balance in making decisions or recommendations.Performance through PeopleLead, motivate and engage employees to achieve quality results and to deliver on operational plans.Effectively manage performance.Effectively identify and manage conflict.Effective verbal and written communication skills.Personal EffectivenessTake initiative and seek opportunities to exceed goals.Manage time and workload effectively and operate in an environment with significant complexity and pace.Maintain a positive, constructive and enthusiastic attitude to the role.Local Government Knowledge and UnderstandingKnowledge of the structure and functions of local government.Knowledge of current local government issues and advocate practical approaches to addressing them.Clear and realistic view of future trends and strategic direction of local government.Understanding of the role of a Data Protection and Information Governance Officer in this context.Candidates are requested to give an example of a situation which highlights the behaviour, skills and attitude that underpin effective performance in these areas and which demonstrates their suitability to meet the challenges of this role. Candidates should ensure the example used clearly demonstrates their ability in this area and that the scale and scope of the example given is appropriate to the post and level of the post.DutiesThe duties include, but are not limited to, the following:Leadership role in devising and implementing the Council's Information Governance framework and develop and report on relevant KPIs.Responsible for the effective implementation of Data Protection across the Council.Engage at all levels across the organisation with members and staff and develop relationships with external partners and stakeholders, to maximise compliance and efficiency in the management of personal data.Co-ordinate the meetings and work programme of the Council's Data and Record Management Steering Group.Monitor compliance with the Council's data protection obligations concerning the operation of its CCTV systems and advise the Council on the operation of such from a data protection perspective.Report and manage all data protection incidents and breaches and liaise with employees, affected data subjects, processors and the Data Protection Commission (DPC), as required.Conduct or arrange for regular audits of Data Protection Compliance throughout the organisation including a data breach analysis and develop multi-annual plans to achieve and sustain compliance.Proactively identify risks to compliance and recommend mitigations including advice regarding requirements for and conduct of data protection impact assessments (DPIA), data sharing and processing agreements, records of processing.Engage with ICT to review the adequacy of data and information security controls and to assist in the development and review of related business continuity plans and disaster recovery plans.Ensure all public information and Council websites are up to date providing information to the public on their rights and compliant with all data protection requirements.Identify, review and amend as needed all third-party contracts involving data processors to ensure that they are compliant with relevant data protection legislation and offer suitable technical and organisational measures to protect personal data and bring into compliance any international data transfers.Promote and embed a data protection culture within the organisation including delivery of staff induction and awareness programmes, developing and maintaining resources such as portals, training programmes, guides, tips and supporting data protection champions as needed.Be responsible for cooperation with and act as the contact point with the Data Protection Commission on issues relating to processing, including prior consultation referred to in Article 36 of the GDPR, and to consult, where appropriate, regarding any other matter.Where required, devise, review and update best practice policy and procedures considering business needs, developments in the law and guidance from the Data Protection Commission.Liaise with and facilitate appropriate access to personal data with other statutory organisations including An Garda Síochána and so on, and any other bodies where joint controller sharing agreements exist or are required.Act as a contact point for data subjects regarding all issues related to the processing of their personal data and to the exercise of their rights under the GDPR, managing subject rights requests and ensuring that processes to exercise such rights are organisationally efficient.Ensure that each business unit maintains a current record of all categories of processing activities (ROPA) and is compliant with GDPR.Act as the Freedom of Information (FOI) Officer for the Council and the contact point for FOI/ AIE (Access to Information on the Environment), and Personal Data Access requests, and liaise with decision makers and internal reviewers in dealing with requests for information, providing advice where necessary and ensuring that statutory deadlines are met.Update the documentation required for FOI Publication Scheme and periodically monitor and track compliance.Maintain the FOI request tracking and recording system and the preparation of the FOI Request log as part of the FOI Publication Scheme requirement.Develop and advise on organisational compliance with Section 65 of the Local Government Act, 1994 and European Committees (Privacy and Electronic Communications) Regulations 2011, as amended.Lead and oversee the implementation of the prevailing National Local Authority Record Retention Policy across all Council operations.Manage, monitor and report on the implementation of the Document Management and Storage system and ensure all departments and staff are aware of their associated requirements in adhering to this system in their management, storage and use of documents and records.Other duties that may arise relevant to Data Protection and Information Governance.These duties are indicative rather than exhaustive and are carried out under general guidance. Persons employed will be required to work in any location within the South Dublin administrative area.Seniority levelMid-Senior levelEmployment typeFull-timeJob functionInformation TechnologyOperations Consulting
#J-18808-Ljbffr