At a Glance
- Tasks: Ensure compliance with data protection laws and manage privacy governance frameworks.
- Company: Join Mishcon de Reya, a leading international professional services firm.
- Benefits: Enjoy a diverse workplace, flexible working options, and opportunities for growth.
- Other info: Collaborate with top professionals and engage in innovative projects.
- Why this job: Make a real impact on data privacy in a dynamic legal environment.
- Qualifications: 3-5 years of data privacy experience and a law degree required.
The predicted salary is between 60000 - 75000 £ per year.
Mishcon de Reya is looking to recruit an experienced Data Protection Officer (DPO). The DPO will monitor compliance and data practices internally to ensure the business and its functions comply with the applicable requirements under the EU GDPR, the UK GDPR and other relevant legislation. The DPO will be responsible for advising on, and where required carrying out, staff training, data protection impact assessments, data transfer impact assessments, and internal audits.
Key Responsibilities
- This role sits in the Risk & Compliance Department and will work closely with the firm's fee earning Data Practice Group to develop and monitor policies and standards applicable to the business and in compliance with the EU GDPR, UK GDPR and other relevant legislation.
- Implementing measures and a privacy governance framework to manage data use in compliance with the EU GDPR, UK GDPR and other relevant legislation, including developing methodologies for data collection which are compatible with our approach to excellent client service.
- Advising on and assisting with data mapping and records of data processing, and vendor management reviews.
- Reviewing vendor contracts (including relevant standard contractual clauses for international data transfers) and owning the privacy authorisation and assessment of third-party processing activities.
- Ensuring any filing/notification and fee requirements with the Information Commissioner and other supervisory authorities in the jurisdictions we operate are achieved.
- Participating in the relevant internal data governance committees.
- Managing and conducting ongoing reviews of our privacy governance framework and regular and ad hoc reporting on data privacy compliance within the organisation.
- Monitoring changes to relevant privacy laws and making recommendations when appropriate.
- Setting standards and reviewing policies and procedures globally that meet the requirements under the EU GDPR and UK GDPR and any localisation requirements in countries of operation.
- Developing and delivering privacy training to various business functions and collaborating with appropriate internal teams to raise employee awareness of data privacy and security issues.
- Coordinating, conducting and monitoring data privacy audits.
- Collaborating with internal teams to maintain records of all data assets and exports, and maintaining a personal data security incident management plan.
- Providing privacy expertise into AI governance processes, including advising on data protection considerations within AI systems.
- Working with internal stakeholders and team members to respond and advise on data subject rights requests, including data subject access requests (DSARs).
- Ensuring accountability for core privacy operational outcomes, including timely completion of DPIAs, maintaining accuracy and completeness of Records of Processing Activities (RoPA).
- Promoting effective work practices, working as a team member, and showing respect for co-workers.
Skills/Experience
- At least 3 - 5 years PQE / data privacy experience required.
- Experience in EU and UK data privacy laws.
- 3 years’ experience within compliance, legal, audit and/or risk function, with recent experience in privacy compliance.
- Experience in developing policy and compliance training.
- Law degree or post-graduate legal qualification required.
- Hold at least one data protection and/or privacy certification, such as CIPP, CIPT, CIPM, ISEB, etc. (preferred) or willingness to achieve within a short period of joining.
Knowledge, Skills and Abilities
- Strong knowledge of UK and European data privacy and data protection regulation.
- Well-developed and professional interpersonal skills; ability to interact effectively with people at all organisational levels of the firm.
- Ability to work unsupervised, exercise leadership and influence change.
- Excellent writing and presentation skills.
- Strong change and project management skills, including the ability to manage time well, prioritise effectively and handle multiple deadlines.
- Detail-oriented approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues.
- Ability to handle confidential and sensitive information with the appropriate discretion.
The Mishcon de Reya Group is an independent, international professional services business with law at its heart, employing over 1450 people with over 650 lawyers. It includes the law firm Mishcon de Reya LLP and a collection of leading consultancy businesses that complement the firm's legal services. We strive to create a fully diverse and inclusive workplace where all our people are empowered to fulfil their potential.
Data Protection Officer in London employer: Mishcon de Reya LLP
As a leading law firm, we pride ourselves on fostering a dynamic and inclusive work culture that empowers our employees to excel. Our Senior Project Manager - Tech role offers the opportunity to lead transformative technology initiatives in a collaborative environment, with access to ongoing professional development and a commitment to work-life balance. Located in a vibrant city, we provide a supportive atmosphere where innovation thrives, ensuring that our team members can make a meaningful impact while advancing their careers.
StudySmarter Expert Advice🤫
We think this is how you could land Data Protection Officer in London
✨Tip Number 1
Network like a pro! Get out there and connect with people in the data protection field. Attend industry events, join relevant online forums, and don’t be shy about reaching out to professionals on LinkedIn. You never know who might have the inside scoop on job openings!
✨Tip Number 2
Show off your expertise! When you get the chance to chat with potential employers, make sure to highlight your knowledge of GDPR and data privacy laws. Share examples of how you've implemented compliance measures or trained staff in the past. This will set you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common data protection scenarios. Think about how you would handle specific compliance challenges or data breaches. Practising your responses will help you feel more confident and ready to impress during those crucial conversations.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities waiting for talented individuals like you. Plus, applying directly can sometimes give you a better chance of getting noticed. So, what are you waiting for? Get your application in!
We think you need these skills to ace Data Protection Officer in London
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your CV and cover letter to highlight your experience with data protection laws, especially the EU and UK GDPR. We want to see how your skills align with the specific responsibilities of the Data Protection Officer role.
Showcase Relevant Experience:When detailing your work history, focus on your compliance, legal, or audit experience. We’re looking for at least 3-5 years in data privacy, so don’t hold back on sharing your achievements in this area!
Be Clear and Concise:Keep your writing clear and to the point. Use professional language but let your personality shine through. We appreciate a well-structured application that’s easy to read and understand.
Apply Through Our Website:We encourage you to submit your application directly through our website. It’s the best way to ensure it gets into the right hands and shows us you’re serious about joining our team!
How to prepare for a job interview at Mishcon de Reya LLP
✨Know Your GDPR Inside Out
Make sure you brush up on the EU and UK GDPR regulations before your interview. Be prepared to discuss how these laws impact data protection practices and compliance, as well as any recent changes in legislation that could affect the role.
✨Showcase Your Experience
Highlight your previous experience in data privacy and compliance during the interview. Be ready to share specific examples of how you've implemented data protection measures or conducted audits, as this will demonstrate your hands-on knowledge and expertise.
✨Prepare for Scenario Questions
Expect scenario-based questions where you might need to advise on data protection impact assessments or vendor management reviews. Practise articulating your thought process and decision-making skills in these situations to show your problem-solving abilities.
✨Engage with Stakeholders
Since the role involves working closely with various internal teams, be prepared to discuss how you would engage with stakeholders. Share examples of how you've successfully collaborated with others in the past to enhance data privacy awareness and compliance.