Description de l'offre
Assistant Manager – Data Privacy Office
KPMG Business Services
Service Line Information
Quality and Risk Management are the responsibility of each partner and employee. This responsibility includes the need to understand and adhere to member firm policies and associated procedures in carrying out their day-to-day activities. UK Quality & Risk Management teams help to set, implement and enforce policies and procedures designed to help to enable KPMG UK and its personnel to achieve the following key objectives: (i) oversee and monitor service quality, (ii) protect the brand and reputation of KPMG, (iii) comply with laws, (iv) regulations and professional standards, and (v) minimize the risk of financial claims against KPMG UK.
KPMG is part of a global network of firms that offers Audit, Tax & Pensions, Consulting, Deal Advisory and Technology services. Through the talent of over 16,000 colleagues, we bring our creativity and insight to our clients’ most critical challenges.
With offices across the UK, we work with everyone from small start-ups and individuals to major multinationals, in virtually every industry imaginable. Our work is often complex, yet our vision is simple: to be the clear choice for our clients, for our people and for the communities we work in.
As part of Phase 2 of the KPMG UK GDPR compliance activities and rolling out a new Privacy Office operating model, the UK firm is recruiting a Data Privacy Office Assistant Manager. The suitable candidate will help drive internal compliance with KPMG’s obligations under the GDPR, UK Data Protection Act 2018 and Privacy of Electronic Communications Regulations (PECR).
The Data Privacy Office Assistant Manager will apply his or her data protection and privacy skills to effectively support the Privacy Office Manager in performing all relevant duties as part of the new Privacy Office operating model.
Reporting to: Data Privacy Office Manager or Lead
- Function as a key member of the internal Privacy Office and engaging with other privacy professionals including data protection lawyers. Opportunity to develop within the team.
- Support the Privacy Office Manager (hands-on role)
- Key responsibility is to assist Data Subject Request Lead in handling and responding to Data Subject Requests.
- Support enhancement of current privacy by design process and completion of PIA/DPIAs
- Support the ownership and monitoring of a privacy risk register and integration with rollout of a GRC tool as part of a wider risk and compliance management framework
- Support production of privacy office reports e.g. weekly data subject request reports, privacy risk reports, to be reported to various risk management forums and the DPO
- Support rollout of new privacy office target operating model, including engagement with 1st line data and privacy officers
- Help develop content on the Privacy Office portal e.g. guidance and FAQs
- Championing data protection and privacy network and leaders
- Work closely with the Information Protection team
- Support all businesses and functions with privacy questions e.g. via Privacy office mailbox
- Help drive continuous improvement and change
- This is a contract to perm role
Skills and experience required:
- Strong experience in a similar hand-on role, ideally in a complex organisation e.g. top tier financial organisation or professional services organisation
- Strong experience handling and managing data subject requests
- Experience conducting PIA/DPIAs
- Must have worked within a GDPR compliance programme
- Good experience of managing privacy risks (capturing in risk register) and establishing controls
- Good knowledge of the GDPR and UK DPA 2018 including knowledge and experience of operational implementation
- Good practical knowledge and experience of building Article 30 records of processing activities registers, establishing lawful basis and consent management
- Good skills using MS Excel and MS PowerPoint
- Excellent communication skills, both written and verbal
- Well organised and able to maintain a high workload efficiently at a consistently high standard
- Strong attention to detail
- Good understanding of inter relationships between systems, architecture, platforms and security
- Holding recognised privacy qualifications e.g. CIPP/E, CIPM, BCS is advantageous or willingness to work towards.
- Some knowledge of information security and security measures required by the GDPR
- Some experience working with GRC tools to manage privacy risks is advantageous
- Understanding of 3 lines of defence (risk management)
- Experience of other 3rd party privacy tools is advantageous.
Our employees have many varied work schedules to suit their individual needs!
Our intelligent working options range from role sharing and flexible start and finish times, to home working and more informal arrangements agreed within teams.
Check out examples of KPMG employees enjoying different working patterns on our website and please do share your own individual requirements with us.
Applying with a Disability
As a member of the Business Disability Forum we're committed to ensuring a great experience for colleagues with a disability. Should you be successful after the initial application stage, please discuss any adjustments that you may require with your recruitment contact.
KPMG's commitment to diversity
We are proud of the value we place on individuality. We want you to bring your full self to work and maximise your potential. KPMG is a place where everyone can thrive, whatever their gender, ethnicity, disability, sexual orientation and socio-economic background.
Policy for Agencies
KPMG has a commitment to sourcing candidates directly and as such we do not accept speculative CV’s from agencies. Please check here to see our policy on agencies:Policy