Data Protection Analyst
Data Protection Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job Description
Fixed Term Contract (End date: 31st December 2025
aberdeen plc is oneof Europes largest investment companies and we are built on a longstanding culture of caring about the future and making a positive impact. Together we invest for a better future. We do it to make a difference to the lives of our clients and customers our employees society and our shareholders.Our business is structured around three distinct areas focused on our clients changing needs.
abrdn Investments a leading investment management business looking after 368bn of assets for Institutional Wholesale and Insurance clients
abrdn Adviser one of the UKs largest providers of platform services to financial advisers with 75bn in assets across our Wrap and Elevate platforms
interactive investor the UKs most trusted investment platform for individual investors with 430000 customers who have invested almost 75bn with us
Our strategy is to build a vibrant and valuecreating purposeled organisation with the current and future needs of our stakeholders at the heart of all we do.
About the role
As part of the central aberdeen Risk & Compliance function the Data Privacy Office plays a key role in the provision of oversight challenge and assurance to relevant stakeholders that privacy related risks are identified and managed in line with aberdeens statutory obligations under applicable privacy & data protection laws.The Data Privacy Office is also responsible for the development of appropriate policies and procedures which set the minimum standards and controls required to be met by the first line business teams and functions to demonstrate their ongoing compliance with the relevant laws.
Reporting directly to the Data Protection Officer and Global Head of Data Privacy (DPO) the Data Protection Analyst plays a crucial role in ensuring that the companys data privacy practices are in line with global standards and regulations. This role requires a deep understanding of privacy and data protection laws as well as the ability to apply this knowledge in a practical way to support colleagues in the first line business teams.
Key responsibilities
Develop a sound working knowledge of the various privacy & data protection laws which apply to aberdeens business operations in Asia Pacific Americas EMEA and UK
Identify legal/regulatory change and interpret new often complex laws (including case law) and regulatory guidance from relevant global privacy supervisory authorities e.g. the ICO CNIL to support business areas to assess potential implications / actions required to be taken to demonstrate compliance
Provide prompt effective and pragmatic advice to colleagues and senior stakeholders on matters relating to privacy & data protection compliance including data privacy impact assessments; personal data breaches; and responses to data subject rights requests
Maintain and develop aberdeens privacy & data protection solution
Support the DPO to embed maintain and monitor compliance with the global Privacy & Data Protection Policy and Standards and RCSA
Provide advice to internal Legal on the relevant data processing clauses for inclusion in third party contracts / intra group agreements and where necessary conduct / oversee Data Transfer Impact Assessments to ensure compliance with the new international data transfer rules
Develop appropriate content for the internal Privacy & Data Protection Hub and the internal training module to support colleagues understand aberdeens obligations and their personal responsibility to process personal data in line with policies and laws
Occasionally lead on with minimal support from the DPO the provision of advice in relation to some of the more complex matters / key strategic projects to support timely delivery of aberdeens strategic objectives
Establish strong relationships with a network of data privacy practitioners across the business to assist with reporting and alignment of practices with minimum standards set for aberdeen as a whole
Assist with collation of evidence to support Audits personal data breachinvestigations and reporting to regulators (where necessary)
Develop appropriate metrics for regular reporting to stakeholders with supporting commentary on the DPOs views on risks and actions required to address any compliance gaps
Maintain an accurate register of Data Controllers and registrations with the supervisory authority where required
Assist the DPO on data protection incidents and in notifying relevant authorities where required in line with statutory obligations
Proactively drive further improvements in DP Office and local business processes to ensure an effective and robust privacy management framework is in operation continually and reflects changes in the business operating model
About the candidate
Experience in a privacy compliance role (across all disciplines of privacy & data protection from minor incidents to advising on complex contractual matters) within a fast paced dynamic business
Educated to degree level or equivalent or holding a Data Protection qualification or certificate granted by an appropriately accredited awarding body (e.g. CIPP/E)
Demonstrable experience and deep understanding of the legislative and regulatory landscape relating to data privacy & protection in particular but not limited to EU GDPR.
Proven ability to prioritise effectively; adept at balancing a number of different pieces of work working to tight timescales and reacting where required to support live issues
Must be able to understand and interpret complex legal and regulatory guidance; applying knowledge to provide pragmatic advice and guidance
Strong analytical skills; able to analyse large volumes of information to understand root cause trends and assess materiality of risks; recommending actions to strengthen existing practices
Must be able to professionally challenge yet support colleagues in delivery of business objectives; knowing when to escalate to support compliance with statutory obligations
Strategic thought leadership ability to identify and provide a view on issues and risks which may impact the companys strategic objectives beyond those specifically relating to data protection matters (thinking and acting like an owner of the business)
Were committed to providing an inclusive workplace where all forms of difference are valued and which is free from any form of unfair or unlawful treatment. We define diversity in its broadest sense this includes but is not limited to our diversity of educational and professional backgrounds experience cognitive and neurodiversity age gender gender identity sexual orientation disability religion or belief and ethnicity and geographical provenance. We support a culture that values meritocracy fairness and transparency and welcomes enquiries from everyone.
If you need assistance or an adjustment due to a disability please let us know as part of your application and we will assist.
Required Experience:
IC
Employment Type
Full-Time
