Social network you want to login/join with:
Ire - European Data Protection Officer, Dublin
Client:
Phoenix Group Holdings
Location:
Dublin, Ireland
Job Category:
Other
EU work permit required:
Yes
Job Reference:
37a06c8b088d
Job Views:
2
Posted:
15.03.2025
Expiry Date:
29.04.2025
Job Description:
Who are we?
We want to be the best place that any of our 7,400 colleagues have ever worked. We’re the UK’s largest long-term savings and retirement business. We offer a range of products across our market-leading brands, Standard Life, SunLife, Phoenix Life and ReAssure. Around 1 in 5 people in the UK has a pension with us. We’re a FTSE 100 business that is tackling key issues such as transitioning our portfolio to net zero by 2050, and we’re not done yet.
At Standard Life, we are committed to helping people live a life of opportunity. That's why we encourage initiative and proactive thinking and action. Because there's nothing we value more than actively facing the future, rather than just looking forward to it. On the way there, exciting tasks and considerable scope for decision-making await you in an international environment.
If you would like to work in a growing, ambitious, and dynamic company, you have come to the right place!
The role
* The Data Protection Officer has primary responsibility for:
* Advising and informing the Standard Life International (SLINTL) and Phoenix Life Assurance Europe businesses (PLAE) of its obligations under the data protection legislation.
* Monitoring compliance with data protection legislation and with the policies of the Group in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations and related audits.
* Embed and deliver proactive data protection advice, guidance and oversight services relevant to the SLINTL and PLAE business and its strategic aspirations.
* Operate an effective framework to manage Data Protection risk, aligning to and leveraging Group data protection, policies, frameworks, processes and standards where appropriate.
* Provide training, support and appropriate advice, guidance and oversight to the business to ensure the data protection risk implications of existing and new initiatives and projects are properly identified, recorded and addressed.
* Advise the Senior Management and Group DPO to ensure the Board and Board Risk Committee are appropriately engaged on Data Protection risk and assurance matters.
* Promote and drive a positive culture of data protection compliance across SLINTL, PLAE and the wider Phoenix Group.
Key accountabilities
* Primary responsibility and accountability for briefing and advising the SLINTL and PLAE business of its obligations under data protection legislation.
* Act as the point of contact for employees and customers on data protection matters.
* Acting as the contact point for the relevant European supervisory authorities on issues relating to data protection, and consulting, where appropriate, with the supervisory authority.
* Ensure the SLINTL and PLAE business maintain a forward thinking approach to data protection compliance through frequent regulator and industry updates demonstrating their practical application across the commercial and customer landscape.
* Support the Group Data Protection Officer in their understanding and oversight of the identification, management and control of data protection risk across the SLINTL and PLAE business, including its data processors.
* Support and contribute to the planning and delivery of the Data Protection Assurance plan across the SLINTL and PLAE business and its supply chain.
* Co-ordinating and report on data protection breaches (and potential breaches) liaising with the regulator as appropriate; identifying key themes and ensuring that the SLINTL and PLAE business take a risk-based and compliant approach to remediation.
* Lead the assessment of and manage, monitor, challenge and report on the data protection risks that the SLINTL and PLAE business is exposed to.
* Support the development and implementation of an on-going training and education programme which is tailored, as appropriate, to meet the needs of the SLINTL and PLAE business including delivering data protection training and presentations.
* Monitoring and reviewing the applicable data protection regulatory changes & notifications for impact and change required within the SLINTL and PLAE business and wider Group supporting services.
* Manage and influence relationships with the data protection teams at the data processors, ensuring that services are provided to agreed and acceptable standards.
* Support the development and maintenance of the Data Protection policies, standards and guidance to make sure they remain Regulatory aligned and fit for purpose to support the SLINTL and PLAE business.
* Ensuring the effective management of data protection risk, including developing opinion of the effectiveness and driving required improvements of the data protection risk function overall and ensuring regular interaction and communication with key business unit stakeholder, including directors and senior managers.
The successful applicant must be able to demonstrate:
* Previous experience working at a senior level within a regulated industry (financial services, healthcare).
* Experience in national and European data protection laws and practices including an in-depth understanding of the EU GDPR, Irish DPA and German Data Protection Acts.
* Knowledge of Information Security tools, capabilities and controls and experience in managing Information Security and Cyber risks.
* Ability to understand/interpret the regulatory requirements to new or ongoing business situations. This involves knowledge and anticipation of the relevant legislation and regulations, and navigation of the same.
* Excellent analytical, communication and influencing skills with the proven ability to operate and influence credibly at all levels across all business functions.
* Strong initiative to challenge and be a proactive self-starter in managing end to end solutions.
* Excellent communication and reporting writing skills with the ability to communicate compliance issues in a non-technical way to the senior teams and other employees.
* Strong subject matter expertise in data protection legislation, regulatory guidance and case law in our core markets.
* Experience of interpreting legislation, understanding the impact and communicating and implementing required changes.
* Ability to develop strategy and apply a proportionate and risk-based approach in a principles based regulatory environment.
* Strong project management skills, including planning, organisation and implementation of planned activities.
Qualifications-
* This role has been identified as CF-2 under the Central Bank of Ireland’s Fitness & Probity regime. The successful candidate will be required to comply with the Central Bank of Ireland’s Fitness and Probity Standards on an ongoing basis. Further details are available on request from the HR Team or directly from the Central Bank of Ireland.
* Legal qualification, ISEB qualification in data protection or alternatives like CIPP/E, CIPM. Desirable.
* Detailed knowledge and commercial application of the EU General Data Protection Regulation, specifically knowledge of the federal German Data Protection Act (BDSG) and Irish Data Protection Act (DPA). Essential.
We want to hire the whole version of you.
We are committed to ensuring that everyone feels accepted and welcome applicants from all backgrounds. If your experience looks different from what we’ve advertised and you believe that you can bring value to the role, we’d love to hear from you.
If you require any adjustments to the recruitment process, please let us know so we can help you to be at your best.
#J-18808-Ljbffr