Senior Data Privacy Advisor

We are looking for an experienced Data Privacy Advisor to provide senior Data Privacy advisory support across the clients COO (Chief Operating Office) & Functions within the Data Privacy Team as part of the clients Chief Data Office (CDO). The successful candidate will work closely with the Head of Data Privacy, Data Privacy leads in each Business vertical, Data Privacy Compliance, and other Data stakeholders.

Candidates will be required to work from the office in central Glasgow 37.5 hr week, working on a hybrid basis.

Key responsibilities as a Senior Data Privacy Advisor:

• Serve as a Senior Data Privacy SME (Subject Matter Experts) and advisor for the Business and accountable Business Senior Manager(s).


• Fulfil responsibilities aligned to the Data Privacy RaCI Guide and advise the Businesses in line with relevant client wide policies and standards related to Data Privacy in accordance with the strategy and governance framework.


• Ensure Data Privacy is considered in new product approval and technology change processes and provide check/challenge in relation to new business propositions in relation to Data Privacy key risks to ensure that any risks are identified, and appropriate mitigating actions taken.


• Collaborate with the Data Privacy Governance team to ensure that Data Privacy related incidents, breaches, and risk events are appropriately reported, recorded, and monitored at the relevant governance fora.


• Building and maintain key stakeholder relationships and work closely with the Head of Data Privacy, Data Privacy leads in each Business vertical, Data Privacy Compliance, and other Data stakeholders.


• Drive the development of training to upskill DP functional leads in verticals, operating in a partnership role to upskill the wider population ensuring awareness of actual and emerging data privacy issues, themes, and risks.


• Ensure that the Businesses are advised of changes to Data Privacy related law/regulations and work with the Businesses to implement any operational changes.


• As necessary, collaborate with Legal to support these discussions and approach to address.


• Responsible for maintaining records of DP relevant artifacts.


• Responsible for ensuring these are kept accurate and up to date including the annual review of privacy notice(s) and Records of Processing Activities (RoPAs).


• Responsibility for identifying, assessing, and controlling the risks associated with transferring Personal data to a different jurisdiction.


• Provide input into or measure, as appropriate, conformance, assurance, and reviews from the perspective of Data Privacy within the Businesses, such as verification checks or monitoring reviews.


• Respond to ad hoc and critical DP (Data Privacy) control and governance requests and work on various projects and initiatives to ensure that an appropriate control lens is provided.


• Oversight of data privacy related incidents, issues, and control gaps, working with issue owners to ensure that analysis is undertaken for control weaknesses to be identified and remediated and be responsible for all subsequent change activities


• Monitor external privacy developments and maintain professional knowledge to ensure that processes reflect external best practice.

The ideal applicant will have following skills and experience:

• Relevant knowledge with proven experience in data protection regulations/requirements in the UK, India and / or across the rest of the World (US, APAC & European regions), preferably in the financial services industry.


• Previous leadership experience, including people management, planning and promoting process improvements.


• Previous Business, Compliance or Legal experience is preferred but not required.


• Proven experience of advising and/or managing Data Privacy issues.


• Ability to operate in a fast-moving business environment and make decisions bearing in mind business objectives and commercial requirements.


• Strong technical and regulatory knowledge in the areas of Data Privacy.


• Certifications in one or more of the following disciplines: data privacy, legal, compliance information risk or information technology would be useful.


• Professional Privacy Certification from the International Association of Privacy Professionals (e.g., CIPP /E) or equivalent is preferred.


• BCS qualification in Data Protection.

If you are successful and offered an opportunity, we will need to carry out pre-engagement screening, this will usually include a DBS Check, Credit Check, and references from previous employers.