Leave us your email address and we'll send you all the new jobs according to your preferences.

Data Privacy Lawyer

Posted 2 hours 7 minutes ago by Exchange House Services Ltd - London

Permanent
Full Time
Other
London, United Kingdom
Job Description
Responsibilities
  • Manage the DPIA process, including risk assessment of new systems, processing activities and suppliers.
  • Work with Procurement and contract owners to manage DPI risks in supply chains and ensure appropriate contractual protections.
  • Assist the AI Risk Assessment Committee with onboarding new AI tools, conducting data protection risk assessments and advising on necessary protections.
  • Develop, manage and implement global data privacy policies, standards, guidelines and procedures, including intra group transfer agreements.
  • Handle day to day operational issues, incidents and maintain an incident register.
  • Map and control privacy by design: map the firm's data processing activities, manage the data map, monitor retention policies, and respond to client and audit information requests.
  • Advise on privacy terms in client retainer documentation and data subject requests (correct, erasure, access, portability).
  • Develop and deliver privacy education and awareness content, ensuring high visibility of privacy matters across the firm.
  • Support privacy compliance reviews of offices and business services, and assist with internal and external audit findings.
  • Maintain privacy risk assessments and impact assessments for each jurisdiction.
  • Prepare quarterly plans and provide annual input to the Information Security report.
  • Build and maintain relationships with internal stakeholders, particularly IT and legal teams.
Qualifications and Experience
  • Degree educated (technical or law degree preferred).
  • Minimum 3 years' experience in data privacy, data governance, or information security (less experience considered with demonstrable competency).
  • Strong knowledge of GDPR and data protection law in other jurisdictions.
  • Proficiency in drafting, monitoring and enforcing data privacy policies and procedures.
  • Experience with ISO27001, other control frameworks, and a broad range of IT technologies.
  • Working knowledge of AI and associated data protection risks.
  • Excellent communication skills - able to liaise effectively with lawyers and IT staff.
  • Analytical ability to identify and assess data protection risks and controls.
  • Self motivated, adaptable, diligent and proactive.
Employment Details

Full time, Permanent - London, United Kingdom.

This role reports to the Senior Data Privacy Manager and is part of the General Counsel & Risk team under the global risk and compliance function.

Email this Job