Governance and Compliance Manager

This job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board.

Governance and Compliance Manager

Leatherhead, Surrey (Please check commute before applying)

Competitive Salary, Company Car, Private Medical Insurance, Hybrid Working (3 days office/2 days home), Office Lunch Allowance, 25 Days Holidays plus Bank holidays with option to buy/sell, Group Income Protection, Pension 6% Matched, Free Parking, Free Car Charging, Great Flexible Benefits including Dental, Access to ECS Car Scheme and access to Hyundai Sponsored events!

Job Purpose:

Responsibility for developing, updating, deploying and monitoring adherence to policies, processes and standards related to data protection and good IT governance. Being a SPOC for all aspects of data protection and management within HMUK.

Key Responsibilities

Data protection

1. Risk management - identifying, assessing, and mitigating risks that could arise from noncompliance to regulations in data protection.
2. Compliance Monitoring - ensuring compliance with the GDPR and making sure IT policies and procedures are followed. Prepare compliance reports for HoS according to established frequency and on request.
3. Data protection impact assessments - conducting a Data Protection Impact Assessment (DPIA) for existing operations and new projects / processes that may present a high risk to individuals (employees, customers).
4. Audits - undertaking periodic internal audits and regularly updating data protection processes, supporting external audits.
5. Consent policies - establishing consent policies for data aligned with Legal Dept and Headquarter guidelines.
6. Customer data retention - establish the process and monitor its compliance across HMUK and 3rd parties.
7. Training and Awareness - educating employees about GDPR policies, procedures and best practices to foster a culture of data protection awareness. Prepare and execute an annual training plan.
8. Be a key member of Data Breach Task force, Disaster management team, Business continuity team etc to manage and resolve all issues related to Data protection.
9. Design and implement onboarding and offboarding processes for employees, a new vendors IT evaluation process; data sharing process and related system requirements.
10. Maintain an up-to-date understanding of regulatory requirements and industry changes.

Governance, Project Management and Reporting

1. Support HoS to develop the optimized governance and compliance strategy and the implementation roadmap, in conjunction with HME/HMC and Legal Dpt.
2. Lead & Implement GDPR and governance related projects aligned with this roadmap.
3. Work collaboratively with IT Security & Compliance Manager and Legal dept to validate and approve the data protection measures established by 3rd parties who have access to HMUK data.
4. Accountability reporting - Create internal process with clear requirements for reporting to Top management which would cover all data and information-security related issues, both handled by Legal and IT, to assure proper exchange of information and risk management.
5. Establish and enforce IT governance frameworks, policies, standards and processes aligned with commercial and financial business objectives.
6. Design and establish process for AI tool utilisation approval.
7. Design and establish process for policies, procedures and processes creation, approval and update.

Personal Specification

1. Knowledge of Compliance and Regulations, relevant laws and standards related to Data protection.
2. Experienced in creating IT governance frameworks and their implementation.
3. Attention to detail; meticulous approach to identifying and addressing risks.
4. Process mapping experience.
5. Strong communication skills; proficiency in conveying good governance concepts and policies to both technical and non-technical stakeholders.
6. Good project management skills (APM/PMI certification).
7. At least 5 years' experience in an IT governance and / or compliance role within B2B2C businesses.
8. Track record of continuous learning in the governance and compliance field.

Become part of a Global Company with a history of success and ambitious plans for the future. Please apply by creating your Candidate Profile and attaching your application documents in English.