Senior Data Privacy Analyst in London

This job is with Currys, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community.

Role overview:

The Senior Data Privacy Analyst will join the Data Management team as part of the Privacy project assurance workstream. In this role, they will work closely with programmes/projects to identify potential privacy/compliance challenges and ensure Privacy by Design principles are adhered to in the end-to-end delivery of projects/suppliers for Currys.

You will have Ownership and Accountability for:

• Managing the cross-functional privacy review process for new programmes across the UK&I.
• Communicating privacy decisions and ensuring they are properly implemented.
• Leading and supporting the completion of privacy risk assessments such as DPIAs, LIAs, TIAs and AI risk assessments.
• Completing third party vendor privacy assessments, reviewing data sharing agreements and data protection clauses.
• Advisory services to programmes and for day to day privacy issues covering: lawful bases, data sharing, international data transfers, data subjects rights, data retention, compliant marketing practices, cookies and consent.
• Facilitating discussion and coordination among business owners, solution architects and privacy stakeholders across the company.
• Tracking and documenting project updates, risk mitigations and key decisions.
• Supporting on-going operational assurance.
• Close collaboration with the Data Protection Office to ensure effective management of data protection, privacy risks and controls.
• Assisting with the investigation, evidence gathering and reporting of data incidents.
• Management responsibilities for one offshore Data Privacy Analyst.
• Assigning incoming projects, tracking and reporting on project statuses, providing support where needed.
• Supporting the continuous improvement of the privacy framework.
• Keeping up to date on current and emerging trends and changes in legislation within the area of Data Privacy and applicability to the organization.

Experience required:

• Expert knowledge of local Data Protection legislation (DPA 2018, PECR, GDPR) and how this impacts business operations.
• Strong understanding of Privacy by Design and how to implement this concept within processes, systems and dataflows.
• Relevant experience, minimum 3 years, in a data privacy, data protection role or similar field.
• Proven ability to analyse problems, identify core issues and recommend appropriate solutions.
• Strong organisational skills with the ability to prioritise multiple projects to meet deadlines.
• Ability to liaise with and influence multiple stakeholders with different requirements.
• Demonstrable knowledge and experience in: Privacy impact assessments, Privacy incident response, Broad experience of regulatory changes and implementations of information governance programmes.
• Experience with privacy management tools such as One Trust is a plus.

Qualifications:

• University degree, desirable.
• Recognised privacy qualification, preferably CIPM and/or CIPPE certification, desirable.

Why join us:

Join our team and we will be with you every step of the way, helping you develop the career you want with new opportunities, on-going training and skills for life. Not only can you shape your own future, but you can help take charge of ours too. As the biggest recycler and repairer of tech in the UK, we are in a position to make a real impact on people and the planet. Every voice has a space at our table and we are committed to making inclusion and diversity part of everything we do, including how we strengthen our workforce.

We want to make sure you have a fair opportunity to show us your talents during our application process, so if you need any additional assistance with your application please email and we will do our best to help.