- Develop and implement Compliance programs with a large focus on Data Protection.
- Work with IT security consultants, the Data Protection Officer and the IT service company to co-ordinate external due diligence requests and audits and to obtain certifications (such as ISO and Cyber Essentials).
- Serve as the internal expert for data management activities such as advising on the preferred personal data management processes (including informed consent forms).
- Document business processes and procedures and create road maps.
- Support process improvements across the organisation to enhance efficiency.
- Ensure staff adherence to data protection and information security requirements.
- Conduct internal audits, track risks and remediation.
- Lead compliance training initiatives for the team.
- Lead supplier onboarding, due diligence, and annual checks.
- Conduct monthly and quarterly checks to ensure compliance with control measures.
- Update and maintain company policies and procedures.
- Stay current with industry compliance trends and regulations, implementing updated legal or regulatory requirements.
- Strong understanding of data protection laws & regulation including GDPR (global exposure to data privacy would be a bonus).
- Experience of having led or supported a small or medium-sized business through ISO27001 accreditation with professional advisors.
- Proven ability to develop and manage compliance programs.
- Strong analytical and problem-solving abilities.
- Detail-oriented with a focus on accuracy.
- Good commercial awareness.
- IT literate, confident using MS Office and a range of software platforms.
- A methodical individual who tackles projects in a logical and process-orientated way.