Data Protection and Information Governance Officer Aside from the exciting range of opportunities to make a real difference to your community and county, South Dublin County Council is a great place to work and for many people already provides an attractive career and working environment.
Working for South Dublin County Council will give you the opportunity to gain experience at the heart of local government and to develop your career in a diverse work environment.
We recognise the value of our employees, can offer a diverse range of job and career options, can provide plenty of scope for career progression and can provide structured training and personal development We also offer flexible working arrangements including blended working arrangements, a positive work environment, training and development opportunities, a defined career path and the opportunity to make a difference.
The role SouthDublinCountyCouncilinvitesapplicationsfromsuitablyqualifiedpersonsfortheroleofData ProtectionandInformationComplianceOfficer.
This is aleadershiproleintheorganisationoffering the opportunity to work in a fast-paced, dynamic environment and as a multiple service provider.
South Dublin County Council processes a large volume of highly sensitive personal data daily to deliver the range of local authority services to citizens across the county.
In doing this, the Council mustensurethatit hasadequate organisationalandtechnicalmeasuresinplacetodevelopafitfor purpose operating model for data protection and information compliance within the organisation, to ensure the rights of service users are respected and any privacy risks are minimised.
The person holding this role has primary responsibility for overseeing the Councils Data Protection and Information governance framework to ensure the Council is compliant with legal and regulatory requirements and adopts principles of good corporate governance in relation to data protection and information management.
Working as a member of the Councils Corporate Services team, the person appointed will effectively oversee and manage all aspects of information management and data protection governance and will have specific responsibility for the role of Data Protection Officer for the Council.
The successful candidate will work with all sections in the Council to establish and maintain effective corporate and departmental processes and systems to ensure all information handled and processed by South Dublin County Council is managed in line with the Councils policies, procedures and relevant legislation and regulation.
The post holder will take the Strategic and operational lead for compliance with corporate governance standards within the organisation in the areas of: InformationGovernance DataProtection RecordsManagementandRetention FreedomofInformation AccesstoInformationontheEnvironment The office is wholetime, permanent and pensionable.
A panel will be formed to fill permanent and temporary vacancies.
Persons employed will be required to work in any location within the South Dublin administrative area.
Salary €59,417-€60,871-€62,568-€64,271-€65,974-€67,495-€69,054-€70,563-€72,069 €74,649(1stLS1)-€77,243(2ndLSI).
Hours of Work The successful candidates normal hours of work will be 35 hours per week.
The Council reserves the right to alter your hours of work from time to time.
Annual Leave Annualleaveentitlementforthispositionis30days.
Only applications received electronically through the Councils e-Recruitment system will be accepted and must be received no later than midnight on Thursday, 10thApril 2025 Qualifications Character Candidateswillbeofgoodcharacter.
Health Eachcandidatemustbeinastateofhealthsuchaswouldindicateareasonableprospectofabilitytorender regular and efficient service.
Essential Education, training, experience Each candidate must, on the latest date for receipt of completed application forms: Hold a relevant third level qualification in Data Protection, Information Compliance or Records Management and have Aminimumofthreeyearsexperienceintheareaofdataprotection, datamanagement,audit risk management or compliance.
Desirable Education, training, experience Are a self-starter, with strong attention to detail and with an ability to work on their own and with others.
Have strong organisational, project management, and multi-tasking skills.
Haveabilitytoworkcloselywithpeersandbuildstrongpartnershipswithkeystakeholders.
PossessesexcellentICTskills.
HaveexperienceinnationalandEuropeandataprotectionlawsandpracticesincludinganin- depth understanding of the General Data Protection Regulation (GDPR).
Haveanunderstandingofinformationsystems,datasecurityanddataprotection.
Haveexperienceofsuccessfullymanaginginformationmanagementprojectsfrominitiation through to implementation.
Understand the legislative background affecting the local government sector and of the processing operations carried out in that environment.
Haveexperienceworkingwiththirdpartyorganisations,suchasregulators,auditorsorlegal agents to resolve issues.
Have strong communication skills with the ability to communicate clearly at both business and technical level and have strong presentation and influencing skills.
Key competencies / skills Managementandchange Thinkandactsstrategically.
Developandmaintainpositive,productiveandbeneficialworkingrelationships.
Effectively manage the introduction of change and demonstrate flexibility and openness to change.
Delivering results Contribute to the development of operational plans and lead the development of team plans.
Planandprioritiesworkandresourceseffectively.
Establishhighqualityserviceandcustomercarestandards.
Make timely, informed and effective decisions and show good judgement and balance in making decisions or recommendations.
Performance through People Lead, motivate and engage employees to achieve quality results and to deliver on operational plans.
Effectivelymanageperformance.
Effectivelyidentifyandmanageconflict.
Effective verbal and written communication skills.
Personal effectiveness Take initiative and seek opportunities to exceed goals.
Managetimeandworkloadeffectivelyandoperateinanenvironmentwithsignificant complexity and pace.
Maintain a positive, constructive and enthusiastic attitude to the role.
Local government knowledge and understanding Knowledge of the structure and functions of local government.
Knowledgeofcurrentlocalgovernmentissuesandadvocatepracticalapproachesto addressing them.
Clearandrealisticviewoffuturetrendsandstrategicdirectionoflocalgovernment.
UnderstandingoftheroleofaDataProtectionandInformationGovernanceOfficerinthis context.
Candidates are requested to give an example of a situation which highlights the behaviour, skills and attitude that underpin effective performance in these areas and which demonstrates their suitability to meet the challenges of this role.
Candidates should ensure the example used clearly demonstrates their ability in this area and that the scale and scope of the example given is appropriate to the post and level of the post.
Duties Thedutiesinclude,butarenotlimitedtothefollowing: ReportingtotheChiefExecutiveoradelegatednominee,thedutiesofthepostwillincludethe following: Leadership role in devising and implementing the Councils Information Governance framework and develop and report on relevant KPIs.
Responsible for the effective implementation of Data Protection across the Council.
Engageatalllevelsacrosstheorganisationwithmembersandstaffanddevelop relationships with external partners and stakeholders, to maximise compliance and efficiency in the management of personal data.
Co-ordinatethemeetingsandworkprogrammeoftheCouncilsDataandRecordManagement Steering Group.
MonitorcompliancewiththeCouncilsdataprotectionobligationsconcerningtheoperationof the operation of its CCTV systems and advise the Council on the operation of such from a data protection perspective.
Report and manage all data protection incidents and breaches and liaise with employees, affecteddatasubjects,processorsandtheDataProtectionCommission(DPC),asrequired.
Conduct or arrange for regular audits of Data Protection Compliance throughout the organisationincludingadatabreachanalysisanddevelopmulti-annualplanstoachieveand sustain compliance.
Proactively identify risks to compliance and recommend mitigations including advice regarding requirements for and conduct of data protection impact assessments (DPIA), data sharing and processing agreements, records of processing.
EngagewithICTtoreviewtheadequacyof dataandinformationsecuritycontrolsandtoassist in the development and review of related business continuity plans and disaster recovery plans.
EnsureallpublicinformationandCouncilwebsitesareuptodateprovidinginformationtothe public on their rights and compliant with all data protection requirements.
Identify, review and amend as needed all third-party contracts involving data processors to ensure that they are compliant with relevant data protection legislation and offer suitable technicalandorganisationalmeasurestoprotectpersonaldataandbringintocomplianceany international data transfers.
Promoteandembedadata protectionculturewithintheorganisationincludingdelivery ofstaff inductionandawarenessprogrammes,developingandmaintainingresourcessuchasportals, training programmes, guides, tips and supporting data protection champions as needed.
Be responsible for cooperation with and act as the contact point with the Data Protection Commissiononissuesrelatingtoprocessing,includingpriorconsultationreferredtoinArticle 36 of the GDPR, and to consult, where appropriate, regarding any other matter.
Where required, devise, review and update best practice policy and procedures considering businessneeds,developmentsinthelawandguidancefromtheDataProtectionCommission.
Liaisewithandfacilitateappropriateaccesstopersonaldatawithotherstatutoryorganisations including An Garda Sochna and so on, and any other bodies where joint controller sharing agreements exist or are required.
Act as a contact point for data subjects regarding all issues related to processing of their personal data and to theexercise of their rights under the GDPR, managing subject rights requestsandensuringthatprocessestoexercisesuchrightsareorganisationallyefficient.
Ensurethateachbusinessunitmaintainsacurrentrecordofallcategoriesofprocessing activities (ROPA) and is compliant with GDPR.
Act astheFreedomofInformation(FOI)OfficerfortheCouncilandthecontactpointforFOI/ AIE (Access to Information on the Environment), and Personal Data Access requests, and liaise with decision makers and internal reviewers in dealing with requests for information, providing advice where necessary and ensuring that statutory deadlines are met.
UpdatethedocumentationrequiredforFOIPublicationSchemeandperiodicallymonitorand track compliance.
Maintain the FOI request tracking and recording system and the preparation of the FOI Request log as part of the FOI Publication Scheme requirement.
Develop and advise onorganisational compliance with Section 65 of theLocal Government Act,1994andEuropeanCommittees(PrivacyandElectronicCommunications)Regulations 2011, as amended.
LeadandoverseetheimplementationoftheprevailingNationalLocalAuthorityRecord Retention Policy across all Council operations.
Manage, monitor and report on the implementation of the Document Management and Storage system and ensure all departments and staff are aware of their associated requirements in adhering to this system in their management, storage and use of documents and records.
Other duties that may arise relevant to Data Protection and Information Governance.
These duties are indicative rather than exhaustive and are carried out under general guidance.
Persons employed will be required to work in any location within the South Dublin administrative area.