Data Privacy Compliance Analyst - Edinburgh

Wilkinson and Associates is working with a growing and acquisitive FinTech company based in Edinburgh. They have an excellent opportunity to work with the Data Protection Officer as a Data Privacy Compliance Analyst.

The data privacy team is based within the second line of defence Risk & Compliance team and providing support and consultancy to business and other group companies where applicable in relation to data privacy / data protection laws and regulations. The position is required to promote a culture of data privacy compliance within the Company. While also providing support to the Company’s Senior Management by providing assurance on the systems and controls connected with the Company’s data privacy obligations.

The successful candidate will have strong GDPR and data privacy knowledge, able to easily adapt to change and develop new skills. It would be highly advantageous to have a financial services background. 

Ideally you will have a calm and professional manner and proactive approach to work. This is an excellent opportunity for a risk-mindset individual to take ownership of a high profile role in growing organisation.

Key Responsibilities:

• Complete oversight of data privacy risk and compliance across the group, working with different departments to ensure a strong first line of defence controls over processing of personal data.
• Providing data privacy Compliance input into new business initiatives/ propositions, new supplier due diligence and Data Privacy Risk Assessments.

• Maintaining and updating the Risk & Compliance data privacy policies and procedures in line with applicable legislation, regulations and codes of practice.
• Planning and undertaking detailed Compliance Monitoring Reviews and BAU on Data Protection where required. Carry out thematic reviews across the Company, identifying and recording issues arising from such work and pursuing them to resolution.
• Reviewing and investigating risk events and impacts/breaches, advising, as required, on action to be taken; monitoring through to completion, identifying trends and creating an incident report where applicable.
• Providing consultancy and support to the business on responding to Data Subject Requests including DSARs and Contributing to MI and reports to the UK Board and management committees, as required.
• Assisting in providing data privacy training to all staff.
• Providing consultancy and challenge to the business on data protection / data privacy on behalf of Risk & Compliance.
• To maintain appropriate regulatory records and documentation relating to data privacy
• Providing support and challenge to key business stakeholders in managing data privacy risks and issues within the business
• Encouraging and driving quality and continuous improvement of processes used across the business and ensuring practices are compliant with regulatory bodies’ expectations.
• Keep up to date with regulatory developments and legislative changes in industry best practice regarding data privacy, implement developments and provide impact analysis on changes,
• Working with the business to facilitate their understanding and ensuring that they are imbedded into processes and controls and ensuring that any external/internal regulatory changes are notified through the Compliance Regulatory Developments team.

Required skills and attributes:

• Previous experience in a data protection oversight and/or consultancy role, ideally within a financial services environment.
• Good knowledge of GDPR and DPA requirements and related guidance.
• Understanding of FCA rules and regulatory framework preferably gained through a compliance function
• Relevant professional or industry qualification.
• Ability to prioritise work and manage service delivery targets within tight constraints and under pressure, maintaining flexibility in respect of shifting business priorities.
• Strong communication skills, using appropriate language and style of communication that is relevant to the situation and circumstances to influence.
• Demonstrating sufficient self-awareness to identify personal strengths and areas for development.