|Job ID||Location||Work Location|
|21036X||Reading||Reading Office (GBM)|
|Job Type||Contract Type||Hours Per Week|
|Shift Pattern||Closing Date|
|Standard Working Week||N/A|
Where possible we’re committed to flexible working and supporting our employees to have the right work life balance. Do however note, if you choose to apply for a different work location you will not have any eligibility for relocation support or travel allowances.
Reporting to the Data Protection Officer, the Compliance Lead – Data Protection will provide specialist, practical, regulatory guidance and support to ensure that Three has the right policies, processes, procedures and controls in place to operate in line with its legal and regulatory obligations under UK data protection laws and regulations.
The role will:
- Work collaboratively with the data protection team, colleagues in Compliance, Legal and InfoSec as well as the wider business to ensure that legal and regulatory requirements / best practices relating to data protection laws and regulations are effectively identified and implemented
- Review / provide guidance on the development of compliance related policies, procedures, processes and controls to facilitate compliance with applicable laws and regulations
- Work closely with the wider Risk & Compliance team to provide holistic support to the business
- Facilitate the identification, investigation management and resolution of compliance related issues
- Prepare relevant compliance reporting to meet both internal and external regulatory requirements
- Engage with 1st / front line operational business teams to inform and advise 3UK and our employees about our obligations to comply with data protection laws and regulations
- Monitor compliance with the GDPR and other data protection laws, and with our data protection policies, including managing internal data protection activities and conducting compliance reviews
- Ensure that H3G UK remain properly registered under the law and maintains an active article 30 register of processing activities, driving audit and associated data management processes
- Manage data privacy breaches or near misses, support the identification of the root cause, mitigations and monitor implementation to prevent recurrence
- Work with the business to implement compliance with data protection laws and regulation into its transformation programme
- Oversee the subject access request process and individual rights, identify and evaluate our data processing activities
- Excellent understanding and knowledge of UK data protection legislation & regulatory regime, with a proven history of working in the field of data protection (including e.g. ISEB/CIPPE qualification)
- 3 + years of subject matter expertise in providing compliance support for data protection compliance including a proven track record in carrying out monitoring reviews
- Previous experience in a B2C environment with large customer data sets, including marketing Demonstrable experience in the application and implementation of Privacy by Design and Default, conducting Data Privacy Impact Assessments and independent assessment of data breaches
- Strong communication and interpersonal skills are essential; a people person skilled at building and maintaining relationships both internally and externally as well as managing key stakeholders
- Ability to work collaboratively with relevant stakeholders to plan, organise and prioritise activities to efficiently meet business objectives
- Work well under pressure, be flexible and comfortable with ambiguity and manage several tasks at the same time working to tight deadlines
- Degree qualified (preferably legal) and/or recognised data protection qualification.
- Proven track record in supporting a large-scale transformation in relation to data protection requirements
Three are a proud signatory of the Tech Talent Charter (TTC), working across industries to drive greater inclusion and diversity in technology roles.