Senior Data Privacy Consultant

About Bridewell

One of the most exciting prospects in the UK cyber security sector today, Bridewell is a leading cyber security services company specialising in protecting and transforming critical business functions for some of the world's most trusted organisations. We are the trusted partner for operators of essential services and provide end-to-end cyber security capabilities that help our clients overcome their security challenges, allowing them to operate safely and securely. Bridewell holds the Gold level, Investors in People award which we feel solidifies and reflects on the outstanding calibre that makes us truly one team.

Who are we looking for?

Due to continued growth, we are looking for ambitious individuals who are passionate about Data Privacy and are keen to continue to develop and grow with us. You are a client facing Data Privacy professional, with extensive experience delivering interesting projects and maintaining client relationships at a senior level. You will have a broad range of expertise across Data Privacy and be able to articulate, sell and deliver different Bridewell propositions to our target markets.

What you'll be doing:

• Primary responsibility will be to deliver on client engagements, typically this could be working on one large programme of work or delivering on a number of different privacy projects for a select group of Bridewell's clients.
• Activities may include but not limited to:

• Implementing Data Protection by Design and Default processes;
• Data Breach investigation, assessment and notification;
• Implementing and conducting Data Protection Impact Assessments;
• Data protection and privacy considerations in supply chains;
• Data mapping;
• Implementation and handling of data subject rights processes;
• Producing Privacy Notices and Policies;
• Provision of advice on data protection and privacy matters;
• Development of Records of Processing Activities and related processes;
• Delivering and preparing training and awareness programmes;
• Third party due diligence and ongoing assurance;
• Review and drafting of data protection processing agreements;
• Identification, mitigation and management of privacy risks;
• Staying up to date with privacy requirements and changes through your own research as well as attending conferences and events;
• Working with others to identify sales opportunities and support pre-sales activities.

What we're looking for:

• Approx. 4-6 years of professional experience and expert technical knowledge of relevant UK, European and global data protection laws and regulations, such as GDPR, PECR and UK DPA.
• Relevant certifications such as CIPP/E, CIPM, CIPT, Practitioner Certificate in Data Protection (PDP or equivalent).
• Ability to work effectively within a team environment.
• Proficient in the use of IT systems, such as OneTrust, and applying data protection in a practical context.
• Practical experience of applying expert domain knowledge across a number of delivery scenarios, including but not limited to, data mapping, responding to data subject requests, managing personal data breaches, undertaking Data Protection Impact Assessments, undertaking privacy audits and gap analysis and conducting contract reviews.
• Practical experience of developing, maintaining and implementing Data Privacy Frameworks in a variety of organisations including during times of large-scale transformation.
• Practical experience of applying a range of risk management approaches, conducting risk assessments and being able to articulate risk effectively.
• Practical experience of providing independent support and advice on a wide variety of privacy issues.
• Experience in operating in the role of Data Protection Officer, including liaising with regulators, such as the Information Commissioner's Office.
• Knowledge of international privacy law and experience implementing appropriate international safeguards.
• An accomplished communicator with the ability and confidence to present complex issues and influence decisions at all levels within an organisation with excellent analytical, interpersonal and stakeholder management skills.

Other nice to haves would include experience of:

• Previous work experience with regulators or industry bodies.
• Previous experience having worked for or with both Processors and Controllers.
• Working in multiple industries or sectors.
• Presenting at industry events.
• Developing solutions to address client security requirements.
• Supporting business development opportunities, proposal development and presentations.

What's in it for you?

Our vision is to create a safe, inclusive digital world where people and organisations can thrive. Our values of Do the Right Thing, One Team and Above and Beyond emphasise the importance of the part we play in society, and our commitment to our people and clients. Our story to-date has been phenomenal, but success doesn't end here and as we continue to grow and scale, we want to keep the same culture, passion and commitment to high quality that has enabled us to get this far. Bridewell will provide a great career opportunity with continual development as well as the following:

• 25 Days Holiday - Plus buy and sell options.
• Flexible Working (around core office hours).
• Performance Incentive Bonus.
• Company Pension.
• Employee Shareholder Scheme.
• Personal Day & Birthday Off - After 1 year of service.
• Family Leave - After 1 year of service.
• Enhanced Maternity based on length of service.
• Dedicated Training Budget.
• Life Assurance.
• Electric Vehicle Scheme & Cycle to Work Scheme.
• Private Healthcare (incl. Gym discounts and vision care).

Location: Bridewell operates a hybrid and flexible working policy, however you will be required to travel to different sites on occasion.

Note: To be eligible for this job you must either hold SC or be eligible and willing to go through security clearance.

Bridewell values diversity in the workplace and is a fair and equal opportunity employer. We are committed to creating an equal and inclusive working environment, with the aim that our employees will be truly representative of all sections of society and each person feels respected and able to give their best.

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Information Technology

Industries: Information Services