Group DPO & Managing Counsel (Privacy) - Cardiff

Hello, we’re Starling. We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. We’re a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We’re a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,000 people across our London, Southampton, Manchester and Cardiff offices.We’re looking for a Group Data Privacy Officer (Group DPO) and Privacy Legal Lead to join Starling Bank who will be responsible for promoting and overseeing data protection compliance across the Group, overseeing the day to day activities of the Group Data Protection and Privacy Legal team and advising on privacy legal matters. You will also take responsibility for the group’s data protection policies and related process & procedure documentation. You will have significant influence and exposure across the Bank, with the responsibility of managing and motivating a small team of privacy specialists. The role represents a fantastic opportunity to join a vibrant institution and to shape the Bank’s attitude and approach to privacy and data protection.The Group DPO and Privacy Legal Lead will: Manage, own and oversee data protection compliance for customer and employee data, overseeing a small team of privacy specialists within the wider legal team Provide advice and legal support across the group in respect of privacy legal matters Oversee the day-to-day data protection activities of the team Drive a positive data protection culture and promote compliance awareness across the business, including developing bespoke data protection awareness campaigns and training programs Oversee completion of DPIAs/PIAs and provide pragmatic privacy advice on innovative business projects Draft internal policies, procedures, and guidance materials, and maintain compliance documentation. Provide appropriate oversight, review and challenge from a data protection perspective, considering the application of the data protection principles, individual rights and the Bank’s ability to demonstrate its compliance in this area Monitor privacy controls against policies and procedures, complete data protection assurance reviews from start to finish and produce and present reports to the Board Spearhead large-scale, cross-functional privacy improvement projects Maintain expert knowledge of the data protection environment through frequent horizon scanning of new legal and regulatory requirements and monitoring the industry landscape for any trends and best practices related to data protection Support the development and training of the team. Requirements Prior experience as a DPO; Legal qualification and previous qualified experience advising on data protection matters in the financial services industry (a recognised Privacy qualification is also beneficial, e.g. CIPP, CIPM etc.). Proven experience of conducting data protection assurance activities from start to finish, reviewing (and challenging) Data Protection Impact Assessments (DPIAs) and supporting the business on privacy related matters Deep understanding of DPA, GDPR, PECR, and future privacy legislation, best practices, and relevant case law for a Financial Services firm Expert knowledge of data protection laws and regulations, with the ability to express complex ideas or legislation in easily understandable ways Ability to read and digest data protection legislation and summarise key points Excellent leadership and influencing skills, with proven experience of managing a team Demonstrable ability to analyse privacy problems and communicate solutions to a wide range of audiences Highly organised and capable of managing a broad range of responsibilities in a fast-paced environment Excellent communication skills and report writing skills High work standards with a strong attention to detail Self starter; proactive attitude, committed to continuous improvement and willing to drive different initiatives Benefits 25 days holiday (plus take your public holiday allowance whenever works best for you) An extra day’s holiday for your birthday Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off 16 hours paid volunteering time a year Salary sacrifice, company enhanced pension scheme Life insurance at 4x your salary & group income protection Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton Generous family-friendly policies Incentivised refer a friend scheme Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing About UsYou may be put off applying for a role because you don’t tick every box. Forget that! While we can’t accommodate every flexible working request, we’re always open to discussion. So, if you’re excited about working with us, but aren’t sure if you’re 100% there yet, get in touch anyway.We’re on a mission to radically reshape banking – and that starts with our brilliant team. Whatever came before, we’re proud to bring together people of all backgrounds and experiences who love working together to solve problems.Starling Bank is an equal opportunity employer, and we’re proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.By submitting your application, you agree that Starling Bank may collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we may process, where we may process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.