Necessary arrangements can be made at interview stage to accommodate the needs of candidates with disabilities. If you are having difficulty uploading your CV online or in fully accessing any information on this site please email Recruitment@ntma.ie
Role Profile
Job Title: NTMA Data Protection Officer (DPO)
Reports to: Chief Legal Officer/ Head of Compliance
Job Family: Risk Management
Career Stream: Professional
Contract: Permanent
** Closing date for applications - 26/02/25 **
Summary of the Business
The National Treasury Management Agency (NTMA) provides asset and liability management services to the Irish Government. It has evolved from a single function agency managing the National Debt to a manager of a complex portfolio of public assets and liabilities.
Businesses managed by the NTMA include borrowing for the Exchequer and the management of the National Debt, the State Claims Agency, the New Economy and Recovery Authority (“NewERA”), the Ireland Strategic Investment Fund, National Development Finance Agency and the NTMA Future Ireland Funds business unit with responsibility for the management of the Future Ireland Fund and Infrastructure, Climate and Nature Fund.
The NTMA also assigns staff to the National Asset Management Agency, the Strategic Banking Corporation of Ireland (SBCI) and Home Building Finance Ireland (HBFI).
Working at the NTMA offers excellent benefits including:
• Flexible work options including hybrid working and variable work hours
• An extensive wellbeing programme
• Excellent learning and development opportunities that allow for full career development within the organisation
• A diverse range of initiatives: LGBT+, Gender Matters, Disability Awareness, Sports & Social, Volunteering and lots more
• Reimbursement of annual professional membership fees
• Career average Defined Benefit Pension Scheme
Role Summary
This is an exciting opportunity to join the NTMA Compliance Unit in providing oversight, support and assurance on data protection, compliance and governance matters in respect of the wide range of businesses across the NTMA and Affiliate Agencies. The Compliance Unit provides advice and support to the Agency, various Boards/Committees and staff in relation to their statutory, governance and other compliance obligations. The NTMA Compliance Unit also provides Compliance services (including anti-money laundering) to the NTMA Affiliate Agencies. The DPO provides data protection services to the NTMA and certain Affiliate Agencies.
The successful candidate will be an ambitious, highly experienced senior manager with extensive data protection, compliance and/or legal expertise and will have responsibility for playing a key role within a dynamic team in relation to data protection matters as well as general compliance and related governance oversight, advice and assurance.
Principal Accountabilities
The NTMA Data Protection Officer (DPO) is, in accordance with the EU General Data Protection Regulation (GDPR), responsible for monitoring compliance with the GDPR and other European and national data protection and privacy laws and policies. The DPO reports to the Chief Legal Officer on overall data protection risk strategy and planning matters and reports to the Deputy Director, Head of Compliance, (DD, HoC) on administrative and day-to-day operational matters. The DPO has an independent reporting line on data protection matters to the NTMA Audit and Risk Committee, and to the Affiliate Agency Audit and Risk Committees, as appropriate. The DPO oversees all aspects of data protection compliance and works with all business units within the NTMA and the relevant Affiliate Agencies to promote awareness of data protection and privacy law and policies.
This role will work closely with the DD, HoC, with primary responsibilities as DPO to include:
Ensuring ongoing compliance with GDPR and other European and national data protection and privacy laws and policies:
• Inform, advise and promote awareness among NTMA and relevant Affiliate Agency management and staff of obligations under GDPR and other applicable European and national data protection and privacy laws and policies
• Monitor compliance with GDPR and other European and national data protection and privacy laws and policies, including assignment of responsibilities within the NTMA, raising awareness, training of staff involved in data processing operations and related audits
• Provide advice, where requested, as regards high risk processing and data protection impact assessments, including monitoring their performance
• Devise, implement and update policies and procedures on data protection and privacy in the NTMA and relevant Affiliate Agencies and ensure an awareness of these both within and (as appropriate) outside the NTMA
• Oversee interaction with Data Subjects regarding the processing of their personal data and ensuring their data protection rights are upheld within the statutory timelines
• Receive, document, track, investigate and take action on all complaints made concerning data protection policies and procedures
• Oversee the maintenance of business unit records of processing activities (RoPA)
• Monitor on a continual basis the risks associated with the NTMA and relevant Affiliate Agencies’ processing of personal data, taking into account the nature, scope, context and purposes of processing
• Advise on contract provisions, due diligence and data instructions to third party data processors and ensure they have adequate technical and organisational measures in place to protect personal data
• Keep up to date on technological developments in matters relating to data protection and privacy
• Act as contact point for, and cooperate with, the Data Protection Commission on issues relating to processing
Team Leadership and Motivation:
• Manage effective working relationships with key personnel across all NTMA and Affiliate Agency business units
• On a continual basis, identify ways of improving operational efficiencies and practices to maintain high standards in data protection and privacy practice and keep pace with developments in this area
• Lead, manage and mentor team members within reporting line
Stakeholder Engagement and Accountability:
• Report to the NTMA Audit and Risk Committee and relevant Affiliate Agency Audit and Risk Committees and other risk and governance fora, as appropriate on all data protection and privacy related matters
• Report to the Chief Legal Officer and DD, HoC on progress and successful delivery of relevant projects and data subject related matters, as appropriate
• Act as the contact point for the NTMA and Affiliate Agencies in all interactions with the Data Protection Commissioner, cooperating in respect of its supervisory work and consulting as necessary on matters such as DPIAs, data breaches and data subject access requests
• Engage with data processors, as appropriate, to ensure compliance with GDPR and oversee audits of their activities as needed from time to time
• Provide training to all levels of the business on GDPR and other European and national data protection and privacy laws and policies, updating and refreshing such training and communications as needed to keep pace with changes in law and policy in this area
• Provide support to Tier 1 projects as required
• Play a key role in the design and execution of the DP aspect of the annual Compliance and DPO plan
• Provide services to Affiliate Agencies in accordance with agreed SLAs
• Protect the NTMA and Affiliate Agencies’ reputation in all of its data processing operations
There will also be an opportunity to become involved in general compliance work where capacity permits, including:
• Execute the robust and comprehensive compliance framework in place to support all units and functions in meeting their statutory and relevant governance obligations. In particular:
• Support ongoing compliance with the Compliance Framework
• Support the control framework underpinning obligations within the Compliance function remit and the Compliance input to the integrated assurance process
• Complete any assigned Compliance actions in the Compliance and DPO plan
• Provide any assigned element of Compliance services to Affiliate Agencies in accordance with agreed SLAs
• Ensure accurate and timely reporting to stakeholders, as appropriate
• Promote awareness, advice and support to relevant Business Units in support of a strong compliance culture
• Support and deliver any assigned elements of an agreed training programme
Knowledge and Experience
• 10+ years’ experience in data protection, ideally with 5+ years in a senior management position with legal and/or compliance experience
• Relevant third level qualification or equivalent relevant professional qualification, in particular in data protection
• Expert knowledge of European data protection and privacy law and practices and the regulatory and legislative frameworks, including an in-depth understanding of GDPR and the Data Protection Acts 1988 – 2018, and the practicalities of implementation
• Strong understanding of Irish/EU financial industry legal and regulatory requirements, ideally with practical knowledge and previous experience of working in this area in addition to a strong understanding of financial markets and knowledge of products, services and practices within the financial services sector
• Demonstrable ability to communicate effectively with data subjects, data protection authorities, data processors and colleagues within the business on data protection matters and to promote a data protection culture within the organisation
• Good technical understanding of the processing operations carried out within the NTMA and the Affiliate Agencies, as well as the information systems, data sources and data security within the NTMA and Affiliate Agencies
• Demonstrable awareness of the commercial environment within which the NTMA and its Affiliate Agencies operate and the relevant data protection, compliance and reputational risks to the NTMA and Affiliate Agencies in carrying out their objectives
• Experience of working with/providing services to a diverse group of stakeholders in a pressurised environment and managing internal and external relationships
• Experience in a compliance, assurance, monitoring or audit role an advantage
• Proven track record of high performance and successfully completing tasks and projects
• An understanding of compliance matters in a public sector context would be advantageous
Skills
• Strong leadership and relationship management skills, with the ability to influence at all levels
• Ability to quickly understand the ‘business drivers’ for the NTMA and Affiliate Agencies, in order to have regard to these in providing advice or inputting to new initiatives and projects
• Ability to communicate complex information in a clear and concise way, orally and in written form, with a variety of internal and external audiences of different skills and backgrounds
• Demonstrable ability to act with integrity working in a highly organised manner
• Ability to interface effectively and appropriately with all levels throughout the organisation
• Strong personal impact (e.g. interpersonal skills, high personal credibility, influencing skills, tough minded)
• Confident and decisive, with good judgment
• Adaptable and flexible in approach to work
• Ability to handle multiple projects simultaneously and meet deadlines
• Strong IT skills to include familiarity with MS Office, MS Teams, OneTrust (or similar) and project management tools
Pension Abatement
If an appointee has previously been employed in the Civil or Public Service and that appointee is entitled to or in receipt of a pension from the Civil or Public Service or where a Civil/Public Service pension comes into payment during the appointee’s re-employment that pension will be subject to abatement in accordance with Section 52 of the Public Service Pensions (Single Scheme and other Provisions) Act 2012.
Please note: In applying for this position, you are acknowledging that you understand that the abatement provisions, where relevant, will apply. It is not envisaged that the employing Department/Office/Body will support an application for an abatement waiver in respect of appointments to this position.
Applicants will be required to complete a pre-employment declaration to confirm whether they have previously availed of a Public sector pension scheme.
The NTMA is proud to be an equal opportunities employer. We recognise that a diverse and inclusive workplace informs better decision making, creative thinking, innovation and drives business performance. We are strongly committed to ensuring that our workforce is representative of our society.
#J-18808-Ljbffr