Specialist - Data Protection - IT

Company Profile: Established in 1978, NES Fircroft is an award-winning staffing specialist that supplies technical and engineering experts ("white collar") to Oil and Gas, Power, Construction & Infrastructure, Life Sciences, Manufacturing, Chemical, Mining, Automotive and IT sectors worldwide on an international basis.

We're a highly experienced team of over 2000 professionals made up of recruitment consultants and support staff spanning 58 offices worldwide.

We work with top candidates to ensure that we can offer a full range of staffing solutions to our clients, complemented by industry-leading support services.

Role Objective: Provide effective and efficient administrative support to the Data Protection Advisory Team to ensure data protection obligations are achieved, that data is processed in line with NES' Privacy Notice and governance controls reflect NES expected business standards.

Key Responsibilities: The main duties of the role will be to:

- Perform transfer impact analyses to assess the risks associated with transferring data across different jurisdictions and ensure compliance with data protection laws and regulations.

- Evaluate global data processing obligations to ensure continued compliance of NES data processing activities.

- Conduct privacy impact assessments linked to internal systems, projects and operations to ensure mitigation of risk and provide compliance recommendations.

- Satisfy data subject's rights in accordance with legislation and process requests with internal system owners;

- Liaise with internal departments on data impacts and security, retention periods and data questionnaires.

- Maintain records of data processing activities relating to business activity and records;

- Monitor incoming queries and requests associated with data subjects, data privacy and general data usage;

- Maintain registers resulting from risk assessments, non-conforming areas and data processing activities, producing periodic reports based on results.

- Schedule and prepare Data Protection meetings, take detailed minutes and manage resulting actions;

- Record security events and/or breaches and lead investigations through to conclusion;

- Assist in the preparation and upkeep of guidance and policy documents relating to data processing;

- Generate data flows associated with client relationships and personal data use;

- Undertake information audits of business processes, systems and data processing activities against defined criteria, managing resulting areas to ensure NES Fircroft achieve intended results;

- Observe a code of strictest confidentiality at all times;

- Monitoring performance to determine conformity, effectiveness, risk and improvement opportunities;

- Act as a Data Protection Champion; raising awareness, managing data related training modules, and providing overall support across global operations.

- Undertake other duties commensurate with the position to ensure the smooth operation of NES Fircroft's data protection obligations, including supporting the Risk & Special Projects team in satisfying NES Fircroft's:

- Compliance to legislative and contractual requirements through process controls;

- Conformity to the Integrated Management System;

- Adherence to obligations relating to data processing; and

- Implementation of data protection principles across global locations.

Person Specification:

- Excellent time management, organizational and communication skills, both written and verbal;

- Experience overseeing compliance criteria and key activities within a demanding environment;

- Ability to multi-task, change and re-priorities quickly and effectively in a fast-paced environment and to work with minimal supervision.

- Attention To Detail.

Essential Criteria:

- Previous experience / knowledge of facilitating data privacy/protection policies and governance procedures.

- Previous experience / Knowledge in data protection assessments associated with data transfer and dataprivacy.

- Knowledgeable with Microsoft spread sheets (particularly pivot tables, conditional formatting and reports);

Desirable Criteria:

Whilst desirable to have recruitment industry experience (but not a necessity), the preferred candidate should be familiar with working in an office environment or a setting where processing personal data is a major factor of their role/business.

Ideally, the candidate would also have a working knowledge of one (or more) of the following:

- Certifications in CIPP, CDPO, ISO/IEC 27001 Auditor or Lead Auditor;

- The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), CCPA and/or HIPPA;

- ISO Standards (Information Security (ISO/IEC 27001)/Privacy Information (ISO IEC 27701:2019); or

- Other international standard/specification on information management.