Group Head of Data Protection

1st Central


Job Location:

Haywards Heath - UK

Monthly Salary: Not Disclosed
Posted on: 30+ days ago
Vacancies: 1 Vacancy

Job Summary

Were 1st Central a market-leading insurance company utilising smart data and technology at pace. Rapid growth has been based on giving our 1.4 million customers exactly what they want: great value insurance with an excellent service. And thats the same for our colleagues too; we won Insurance Employer of the Year at the British Insurance Awards 2024 and our Glassdoor score is pretty mega too!

At 1st Central data sits at the heart of everything we do so protecting it is both a legal obligation and a core responsibility.

Were looking for a Group Head of Data Protection (DPO) whos passionate about privacy someone whos curious commercially aware and ready to shape the future of data protection across our Group.

Youll be our senior voice on all things data protection - advising the Executive Boards and senior leaders and setting the strategic direction for privacy across the Group. Youll lead a highperforming Privacy team and make sure were not just compliant but confident in how we manage and protect data.

Were looking for someone who has:

  • Significant experience as a DPO or from a similar compliance role

  • Expert knowledge of data privacy legislation including GDPR

  • Expert knowledge of cybersecurity risks and other information security standards such as ISO27001

  • The ability to make good judgements regarding data privacy risks and to prioritise resources and activity around managing those risks

Whats involved:

  • To be responsible for the development of a high performing Privacy team creating a clear vision whilst building strong relationships inside and outside the Group in order to collaborate with and influence the executive and senior management across the Group and externally with corporate partners including data subjects regulators suppliers and professional bodies

  • To have an excellent understanding of the key regulatory and statutory rules regulations principles and codes of practice incumbent upon Group companies and the jurisdictions in which they are domiciled in so far as they are relevant to the delivery of appropriate Data Protection compliance requirements and to keep such awareness up to date

  • To define with the Executive Boards and other senior stakeholders and implement the Groups Data Protection Strategy

  • To define scope gain Audit Committee approval for and deliver the Groups data privacy programme

  • To report to the Groups Risk Committees on the compliance position highlighting key risks incidents and matters requiring decisions by the relevant Board or senior management

  • To act as Data Protection Officer for all Group entities where the role is required and be owner of the Group Data Protection Policy

  • To take overall responsibility for the oversight of Data Protection compliance and related Regulatory matters across the Group

  • Inform and advise Senior Management on data protection laws and policies

  • Monitor compliance with data protection laws and policies and report on this to the Executive SICL Management Committee FCIM Management Committee and Group Audit committees.

  • Oversee the maintenance of records required to demonstrate data protection compliance

  • Supervise the Privacy Teams completion of data protection impact assessments and develop and execute relevant project plans

  • Manage a program of awareness-raising and training to deliver compliance and to foster a data privacy culture within the company

  • Review Data Protection clauses in client terms and supplier contracts

  • Define implement and lead a data incident response and data breach notification procedure as well as provide incident management response where applicable

  • Be the contact point with and co-operate with the relevant Data Protection Authorities and to data subjects when exercising their individual data rights as well as supervise and advise on the response to such requests

  • Being the focal point for all activity relating to data protection

  • Promote a culture of awareness of data security throughout the company

  • Comply with the requirements and act in accordance with the Group Code of Conduct and Fitness and Propriety policies at all times

  • Responsibility for maintaining department risk registers providing evidence and commentary for controls updates for Mitigation Actions and maintaining control matrices and attestations. Also to ensure that your employees are aware of their responsibility to identify and report risk.

  • Ensure compliance with Company Policies Values and guidelines and other relevant standards/ regulations at all times including compliance with the Senior Managers Certification Regime (SMCR) Conduct Rules

Job-specific Competencies

Experience & Knowledge

  • Knowledge of FCA requirements (including individual responsibilities in relation to Consumer Duty)

  • Significant experience as a DPO or from a similar compliance role

  • Proven track record in leading data protection issues at a senior level

  • Project management experience

  • Experience of interfacing with data protection regulators

  • Experience in designing and implementing a data protection strategy

  • Experience leading a department

  • Educated to degree level

  • IAPP CIPP/E or CIPM or equivalent data privacy qualification

  • Qualified Lawyer

  • Very familiar with UK Gibraltarian Guernsey and European data protection laws and practices including (but not limited to) the Data Protection Act 2018 Privacy & Electronic Communications Regulations 2003 and the General Data Protection Regulation

  • A knowledge of best practice in information security risk management legal or audit

  • Expert knowledge of data privacy legislation including GDPR

  • Expert knowledge of cybersecurity risks and other information security standards such as ISO27001

Skills

  • Ability to make good judgements regarding data privacy risks and to prioritise resources and activity around managing those risks

  • Excellent time management and organisation skills

  • Ability to conduct the role independently and with integrity

  • Ability to plan organise and prioritise tasks and projects

  • Strong analytical skills

  • Extremely strong communication influencing and stakeholder management skills

Behaviours

  • Proven ability to establish and maintain a high degree of confidentiality respect trust and credibility at all levels

  • Strong team player and proven ability to lead and manage a team

  • Enthusiastic and positive

  • The ability to remain calm controlled and resilient

  • Self-motivated and enthusiastic

  • An organised and proactive approach

  • Strives to drive business improvements to contribute to the success of the business

If youre ready to lead influence and make a real impact wed love to hear from you.

What can we do for you

People first. Always. Were passionate about our colleagues and know the best people deserve an extraordinary working environment. We owe it to them so thats what we offer. Our workplaces are energetic inspirational supportive. To get a taste of the advantages youll enjoy take a look at all our perks in full here.

Intrigued Our Talent team can tell you everything you need to know about what we want and what were offering so feel free to get in touch.


Required Experience:

Director

Were 1st Central a market-leading insurance company utilising smart data and technology at pace. Rapid growth has been based on giving our 1.4 million customers exactly what they want: great value insurance with an excellent service. And thats the same for our colleagues too; we won Insurance Employ...

About Company

Company Logo

Find your next job with First Central, a fast-growing UK insurer and innovator in data, which has offices in Sussex, Manchester, Guernsey and Gibraltar.

View Profile View Profile