+357 25341383 admin@smstaffmatters.com

Group Data Protection Officer

Group Data Protection Officer

Reference: VAC-20288M
  • Company:Corporate Services Company.
  • Location: Cyprus, Limassol
  • Salary: Salary based on skills and experience + 13th salary + medical insurance
  • Job Type: Permanent
  • Job Sector: IT
  • Added on: 28/04/2021

A prominent international Corporate Services Company is looking for a Group Data Protection Officer to join their Limassol office. The position Group Data Protection Officer will help continuously raise levels of knowledge and awareness of both data protection and information governance across all staff and provide the Group with an appropriate level of compliance and reporting on all Data Protection matters.
The role holder will support the practical implementation of the Group’s Data Protection and Information Governance Strategy: its framework, policies, procedures and guidelines in accordance with legislation, national guidance and standards applicable to the Group’s operational jurisdictions. In this role you will report to the Group Director – Risk & Compliance.

Act as the Data Protection Officer for the Group and manage those roles across the Group’s entities with DP & IG responsibilities – i.e. privacy liaisons in offices
Producing MI to give insightful reporting on DP & IG progress and issues when required
Be the escalation point for Data Protection matters including potential breaches and incidents including overseeing the investigation thereof and confirming a detailed root cause analysis is completed
Conduct assessments of Group offices understanding of and compliance with data protection and information governance requirements
Ensure that any gaps identified during post incident reviews or more proactive active assurance reviews are addressed through implementation of effective action plans
To work closely with key staff across all offices and at Group in order to raise awareness of DP & IG agenda and to make recommendations for change in working practices that will enable the Group to be compliant with both Group baseline requirements, and also those applicable national standards as required in the jurisdiction of operation.

Duties will include:
Evaluate and interpret, as applicable the associated national policies and legislation relating to Information Governance and Data Protection applicable to the operational jurisdictions of the Group and writing / updating policies and procedures for promulgation across the Group.
Establish, monitor and develop procedures to ensure that the Group complies with all relevant legal, constitutional and regulatory requirements including, in particular, The General Data Protection Regulation (GDPR) and all relevant data protection and information governance regulations applicable to the operational jurisdictions of the Group.
Assist with the definition and documentation appropriate Data Protection and Information Governance performance measurement criteria, to monitor achievement of improvement plans and report findings to the relevant fora
Coordinate pan-Group data protection and information governance oversight and reporting to support Group level reporting on a timely basis.
Manage the Group’s Data Protection Representation contract and requirement in-line with regulatory requirements.
Ensure that all DP & IG related information requests are appropriately managed in line with the applicable legislation of the Group corporate requirements and any local jurisdictional requirements.
Provide applicable DP & IG reports for external bodies as required – i.e. Information Commissioner summary reports on processing, DPIA logs & reviews, etc.
Preparing reports on DP &IG progress and issues to the applicable Group boards and committees as and when required.
To lead the development and delivery of specific DP & IG training programmes for all staff across the Group.
Provide practical support with the delivery of plans and the continuous embedding of data protection requirements.

Relevant professional qualification (CIPP or similar)
Project management qualification and experience is desirable
At least 3 years of data protection experience including liaison with regulatory authorities (ideally as a DPO)
At least 10 years experience in a related field
Excellent written and report writing skills
Fluency in English Language (Both verbal and written communication)
Ability to interpret complex regulatory requirements into practical plans
Self-motivated and able to work independently
Experience of operating at Board level and reporting to Boards and committees

The salary is based on skills and experience + 13th salary + medical insurance

The working hours are 35 hours per week (Monday 9am – 5pm with 1 hour lunch break)

Proceed with the application – change button to application and not application(s)