Job description
Putting the ‘i’ back into British Innovation
Putting the ‘i’ into Inventing the Future
Putting the ‘i’ into Inspiring the Nation
myenergi Ltd is a young, progressive, innovative, and fast-growing company with its HQ born and based right here in Stallingborough, with subsidiaries based in Germany, Benelux, Northern Ireland, Australia and ambitions to open facilities right across the world. We specialise in the design and manufacture of ground-breaking renewable-energy technology products.
myenergi is looking to recruit an experienced Data Protection Officer (DPO) with broader compliance experience and background. Reporting to the General Counsel and with direct access to the Board of Directors, the DPO will monitor internal compliance and data practices to ensure the group’s business complies with the applicable requirements under the UK GDPR and relevant national legislation. The DPO’s responsibilities include, but are not limited to, advising on, and carrying out, staff training, data protection impact assessments and, if required, internal audits. The DPO will also serve as the primary contact for supervisory authorities and individuals whose data is processed by the business. It would be beneficial if the candidate has some global experience of data protection. The majority (80%) of the responsibilities of this role will be that of a DPO, but someone with substantial broad-spectrum Risk and Compliance experience will be valued greatly.
Responsibilities:
Reporting to: Company Secretary and General Counsel.
Location: Remote with occasional travel to the head office and other offices as required for the role.
In this role, you will work closely with the IT, Legal, Ethics, Quality, and other functions to develop and monitor policies and standards applicable to the business and in compliance with the UK GDPR and relevant national legislation.
Duties will include:
- Setting and implementing measures, a global privacy governance framework, policies and procedures to manage data use in compliance with the UK GDPR and any localization requirements in countries of operation, including developing templates for data collection, advising and working on data mapping and records of data processing, and vendor management reviews.
- Working with key internal stakeholders in the review of operations and projects and related data processing to ensure compliance with data privacy laws, and where necessary, advising on, completing and monitoring data protection impact assessments.
- Reviewing vendor contracts (including EU standard contractual clauses and IDTA) and other third party data processing and data sharing arrangements in partnership with the other relevant functions in the business.
- Managing and conducting ongoing reviews of the business’s privacy governance framework (including Binding Corporate Rules (BCRs)) and regular and ad hoc reporting on data privacy compliance within the business.
- Monitoring changes to local privacy laws and making recommendations to the business when appropriate. Working with, where necessary, outside legal advisers and subject experts to help advise on local data privacy law issues.
- Developing and delivering privacy training to various business functions and collaborating with the other business function(s) to raise employee awareness of data privacy and security issues.
- Developing strategies and initiatives to ensure engagement with key internal and external stakeholders.
- Serving as the primary point of contact and liaison for the Information Commissioner’s Office and other relevant local data protection authorities on all data protection related matters under the UK GDPR and relevant national legislation.
- Ensuring filing and fee requirements with local data protection authorities are achieved.
- Serving as the primary point of contact for data protection queries in the business.
- Serving as the primary point of contact for data subjects. Responding to and advising on data subject rights requests, including data subject access requests (DSARs) and other requests from individuals.
- Ensuring that the business’s IT systems and procedures comply with all relevant data privacy and protection law, regulation and policy (including in relation to the retention and destruction of data).
- Collaborating with the other function(s) of the business to maintain records of all data assets and exports, and maintaining a personal data security incident management plan to ensure timely remediation of incidents impacting personal data including impact assessments, breach response, complaints, claims or notifications.
- Acting as a risk compliance manager of the business to ensure the business’s compliance with all applicable laws.
- Collaborating with relevant business functions to develop, implement and monitor risk management strategies and wider compliance policies and procedures (such as anti-bribery and money laundering).
- Advising internal stakeholders on the implementation of compliance programmes and systems.
- Following up on compliance issues that require investigation.
- Auditing and evaluating compliance programmes and systems, and reporting on compliance.
Required Qualifications and Experience:
- Previous experience as a Data Protection Officer
- Hold at least one data protection and/or privacy certification, such as CIPP, CIPT, CIPM, ISEB, etc. (preferred)
- Ideally, a degree or high-level qualification in law or business studies/management/accounting/economics
- Ideally, experience in manufacturing or energy sectors and in cross-border data protection issues
- Ideally, experience within a compliance, audit and/or risk function, with recent experience in privacy compliance and wider broad-spectrum compliance programmes.
- Experience in developing policy and compliance training.
Knowledge, Skills and Abilities
- Strong knowledge of UK and EU data privacy and data protection regulation, and a good understanding of other major privacy frameworks and evolving legislation worldwide.
- Sufficient knowledge of information technology and data management systems required.
- Well-developed and professional interpersonal skills; ability to interact effectively with people at all organisational levels of the business.
- Experience of working in a large, global organisation.
- Ability to work unsupervised, exercise leadership and influence change.
- Excellent communication skills, both verbal and written.
- Strong change and project management skills, including the ability to manage time well, prioritise effectively and handle multiple deadlines.
- Ability to undertake large, long-term projects, develop alternative methods to complete them and implement solutions.
- Ability to use independent judgement and discretion when making the majority of decisions.
- Detail-oriented approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues.
- Ability to handle confidential and sensitive information with the appropriate discretion.
- Knowledge of PC applications, including MS Office.
- Fluent English; knowledge of other languages preferred.
- Promoting effective work practices, working as a team member, and showing respect for co-workers.
Additional Requirements
- The statements contained in this position description are not necessarily all-inclusive; additional duties may be assigned and requirements may vary from time to time.
Job Type: Full-time, Permanent
Salary: DOE
What myenergi offer you:
- Free charging of electric vehicles on site.
- Private Medical Insurance
- Cycle to Work Scheme
- 25 days holiday + Bank Holidays
- Mental Health First Aiders across the business, let's be there for each other
- Career Development & Encouragement
- Employee Empowerment
- Free onsite parking
- Positive working environment
- EV salary sacrifice scheme
- Birthday Leave – because everyone deserves a day off for their birthday, right?
myenergi is committed to being an equal opportunity, diverse and inclusive employer. We want a supportive and inclusive environment where our colleagues can reach their full potential without prejudice and discrimination. We are committed to a culture where respect and understanding are fostered, and the diversity of people’s backgrounds and circumstances will be positively valued.
Job Types: Full-time, Permanent
Salary: £80,000.00-£85,000.00 per year
Benefits:
- Casual dress
- Company events
- Company pension
- Cycle to work scheme
- Employee discount
- Flexitime
- Free parking
- On-site parking
- Private medical insurance
- Wellness programme
- Work from home
Schedule:
- Flexitime
- Monday to Friday
Work Location: Remote