Information and Privacy Specialist

On behalf of The Department for Transport - Maritime and Coastguard Agency (MCA), we are looking for an Information and Privacy Specialist (Inside IR35) for a 6 month contract. Remote working with occasional travel to Southampton.

The Data Protection team works as part of the Maritime and Coastguard Agency's (MCA's) Corporate Governance framework to inform the Agency's compliance with Data Protection and Information Access Legislations. The team acts as a point of contact for individuals whose personal data the MCA processes and ensures lawful and compliant processing and disclosure of personal information under the relevant legislations.

The Information and Privacy Specialist will be responsible for managing the Agency's compliance with information access/information rights legislations, providing expert advice to the organisation to ensure compliant and lawful processing of requests. They will review and approve disclosures of information requested under the Freedom of Information Act 2000 (FOIA), Environmental Information Regulations 2004 (EIR) and the Subject Access provisions of the General Data Protection Regulation (GDPR)/Data Protection Act 2018 (DPA) to ensure lawful and compliant disclosure.

As an Information and Privacy Specialist, your main responsibilities will be to:

• Support the Head of Data Protection in the provision of expert advice to the MCA, its suppliers and employees on a wide range of information access and data protection matters, ensuring a sensible and proportionate approach is taken to help the department process and disseminate personal data in a lawful way that inspires staff and public trust and confidence, with the provision of timely, accurate and well-written expert advice.
• Manage the lawful and compliant disclosure of information under the Freedom of Information Act/Environmental Information Regulations and the Subject access provisions of the General Data Protection Regulation (GDPR)/Data Protection Act 2018 (DPA), providing expert guidance, reviewing, and approving lawful disclosures of information to data subjects or investigating authorities.
• Assist the Head of Data Protection in responding to formal complaints received from data subjects, managing the logging and recording of complaints processed and assisting with complaint investigations.
• Ensure the Agency's lawful processing of requests from individuals to exercise the Individual Rights provisions of the General Data Protection Regulation (GDPR)/Data Protection Act 2018 (DPA) including requests for Erasure and Restriction of processing.
• Provide expert advice and assistance to the Agency on data protection and information rights issues, including the development of legal agreements relating to the processing of personal information to ensure data protection compliance, including data sharing, DPIAs, risks, privacy notices and any other data protection and information access-related matters, as required.
• Assist the Head of Data Protection in all capacities, as required, including acting as point of cover when required, co-ordination of correspondence with the Information Commissioner's Office in relation to data subject rights, complaints, and data breaches, acting as the MCA point of contact with the ICO and data subjects on issues relating to processing/complaints.

Experience in information access/information rights legislations, successfully obtained Freedom of Information Practitioner Certificate, or have sufficient comparable prior experience and knowledge to undertake this soon after starting the role.

Understanding of how public sector organisations work (governance) and the application of the information access and data protection regimes to public sector bodies, including understanding of records management, publication requirements and best practices.

Understanding of UK GDPR and DPA including breach management and transparency requirements.

A history of working collaboratively and inclusively with external organisations and other stakeholders, sharing information and knowledge to achieve common aims.

Excellent communication skills, both verbal and written, highly skilled in the delivery and absorption of information with colleagues at all levels.

Experience in a data protection environment including data protection by design and default, data protection impact assessments and record of processing activity requirements.

Experience in information security principles and standards and be able to apply this alongside data protection legislation to advise data and security professionals in developing data management standards and processes.

Please be aware that this role can only be worked within the UK and not Overseas.

Disability Confident: As a member of the Disability Confident Scheme, DfT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.

DfT guarantees to interview veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.

In applying for this role, you acknowledge the following: this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different.