Data Protection Officer

Founded by Larry Ellison and David B. Agus, MD,the Ellison Institute of Technology (EIT) works to develop and deploy advanced technology in pursuit of solving some of humanity’s most challenging and enduring problems. Guided by world leaders, scientists, and entrepreneurs, EIT seeks to accelerate innovation by driving scientific and technological advancements across four humane endeavours: medical sciences and healthcare, food security and sustainable agriculture, clean energy and climate change, and government policy and economics.Salary Range: £60,000 - £80,000, dependent on experienceLocation: Central OxfordContract: PermanentHours: Full-timeReports to: Director, LegalOur MissionThe Ellison Institute of Technology is expanding upon its existing collaborations with the University of Oxford by building a 320,000ft2 research institute and medical clinic at the nearby Oxford Science Park. In addition to this investment, the Institute seeks to fund annually 10-20 scholarships for the world’s next best global innovators, with undergraduate study at the University of Oxford, and cutting-edge programming and innovation opportunities in Oxford, LA and beyond. The Ellison Scholars Programme is looking to select outstanding people from around the world who are passionate about their subjects and who are motivated to solve some of the world’s biggest problems using technology.We are a mission led, start-up, rapidly scaling company and seek a Data Protection Officer to help build out our data and DPO function from the ground up. We are committed to ensuring that all of our data is protected and that our work complies with data protection legislation. The DPO will improve our management of potentially sensitive information, conduct regular internal security audits, and serve as the main point of contact between The Ellison Institute of Technology (EIT) and data protection authorities.The Data Protection Officer (DPO) plays a crucial role in safeguarding data privacy within our organisation. They are responsible for educating employees about data compliance, training staff involved in processing data, and conducting regular security audits. Additionally, they serve as the primary liaison between our company and relevant data protection authorities.Duties/Responsibilities:May include some or all of the following:You'll lead the establishment of robust data protection processes, including Data Protection Impact Assessments (DPIAs), Data Processing Agreements (DPA), and a comprehensive risk register.Conducting a thorough audit of our current data handling practices, you'll identify areas for improvement and develop benchmarks to ensure compliance with data protection regulations.To provide expert, strategic data protection, advice and leadership to ensure compliance with Data Protection legislation. Advising and informing the organisation and its employees of their obligations pursuant to current Data Protection legislation and on the appropriate disclosure of personal Information.To manage the investigation and response to personal data breaches and data security breaches in accordance with EIT policies.To develop and manage EIT’s processes for responding to access to information requests; taking steps as required to ensure that compliance adequately satisfies the requirements of the statutory code.To lead the development of policies, protocols, training and guidance in connection with Information Compliance issues.To manage Information Compliance related content on the EIT web site and internal intranet.To represent EIT as a member or leader of working groups, project teams, etc; regionally, nationally and within EIT to address Information compliance issues affecting EIT and its partners.Working closely with cross-functional teams, you'll create essential documentation, policies, and procedures to guide data protection practices across the organisation.As a subject matter expert, you'll provide guidance and training to employees on data protection best practices and ensure ongoing compliance with regulatory requirements.Provide practical advice to the business on a broad range of data protection related matters.Assess risk and ensure regulatory deadlines are met.Develop the Data Protection compliance monitoring programme for Data Protection across the Group, working collaboratively with the business.Ensure Privacy by Design requirements are met and privacy risks are managed.Lead, support and participate in working groups that promote privacy and provide ongoing support across the organisation.Deliver training and awareness of Data Protection across the Group.Develop existing Policy Documentation, Processes Notices and Procedures and related practical guidance.Keep up to date with the latest changes in applicable legislation, industry news and guidance.Any additional duties or tasks, as requested by leadership, commensurate with job role.Person SpecificationEssential Knowledge, Skills and ExperienceKnowledge of current/proposed UK privacy and data protection legislation (including the Data Protection Act, UK General Data Protection Regulation and Human Rights Act).Prior experience in data protection, privacy law, or information security is essential for this role.Demonstrated expertise in conducting DPIAs, developing DPAs, and maintaining a risk register.Practical experience operating within a Data Protection role, demonstrating the capacity to manage activities within both project lifecycle and departmental BAU compliance environments.Experience of translating Data Protection legislative requirements into pragmatic and practical advice.Must have worked in either a start-up or rapidly scaling business.IT literate with experience of working in a cloud-first company and using cloud-based applications.Expert knowledge of UK data protection law.Practical experience of two years or more in developing and implementing data protection related policies, processes and procedures as part of a privacy program.Experience in working collaboratively with project teams to ensure Privacy by Design and Default requirements are being met.Able to provide risk-based, considered and practical advice to the business on a broad range of Data Protection related matters.Ability to handle confidential information with integrity and impartiality.Comfortable working independently or as part of a team, including remote work capabilities.Experience in developing and leading data governance programmes or frameworks.Knowledge of data governance practices, business and technology issues related to management of enterprise information assets and approaches related to data protection.Strong analytical skills and attention to detail are crucial for conducting comprehensive audits and assessments.Excellent communication skills are essential for effectively collaborating with stakeholders and educating employees on data protection protocols.Proactive and flexible approach to working.Ability to work to deadlines.Hold a degree in law, information technology or a related field.Desirable Knowledge, Skills and ExperienceFlexible approach and ability to take account of new information, changed circumstances and business requirements then modify the response to a problem or situation accordingly.Excellent analytical and conceptual thinking skills.Ability to work under pressure in a busy and fast-paced environment.Able to independently research aspects of regulation and legislation.Terms of AppointmentYou must be eligible to work in the UK with a willingness to travel as necessary.You must be based in, or within easy commuting distance of, Oxford and be prepared to workon site a minimum of 4 days a week.During peak periods, some longer hours may be required and some working across multiple time zones due to the global nature of the programmes.Hours of work will generally be Monday to Friday, core hours 08:30-17:30 and will be office/site based. However, due to the nature of the role and organisation there may be times where flexibility is required during the evening and occasionally weekends. Please apply online providing a covering letter specifically highlighting how your existing skills and experiences support fulfilling the responsibilities of this role. The Ellison Institute of Technology is an equal opportunity employer. We believe that an inclusive, collaborative team environment is just as important to our mission as stethoscopes and microscopes. We strive to always provide employees a supportive atmosphere, so they feel confident taking creative risks towards innovation. EIT values emotional intelligence and communication with empathy and respect for others. We seek to build a diverse group of people who are curious, have a deep sense of responsibility, and the grit needed to achieve excellence. #LI-PE# We've received your resume. Click here
to update it.
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) orPaste resume
What's your highest level of education completed?*
Desired salary*
How many years experience do you have as a DPO?*
Have you ever worked in a start-up or rapidly scaling business?*
EIT are unable to support securing a work visa or sponsorship for this role. Do you possess existing unrestricted UK Right to Work?*
Are you prepared to work at our offices at the Oxford Science Park, full time (a minimum of 4 days a week).*
The following questions are entirely optional.
To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more .
#J-18808-Ljbffr