The Role

Reporting to the Data Protection Strategic Lead you will have a leading role in contributing to improvements to the way the department manages its personal data including responsibility for promoting adherence to and providing guidance across a vast spectrum of business areas on information legislation; you will also be part of the management of high impact incidents involving personal data.

Key Responsibilities include:

• Act as principle point of contact for a number of the MoJ’s component agencies/ organisations and central work-streams; providing expert advice and guidance on the application of data protection legislation in their business area and particular circumstances. You will have to deal with complex issues and will need to be able to produce accurate advice on compliance matters quickly, to a high standard.

• Contribute to commissions from within the business and cross-government, to help ensure the proper application of data protection law and reliance on appropriate legal gateways to data processing mindful of the potential risks and outcomes associated with such.

• Review and advise upon Data Protection Impact Assessments (DPIAs) and data sharing agreements / memorandums produced (or in production) to mitigate privacy risks and advise on potential solutions and changes to processes / policies proposed to aid both their legal and practical application.

• Build and maintain excellent working relationships with key colleagues in the Ministry, its executive agencies as well as with other government departments.

• The role also provides the opportunity to draft a range of written communications including advice and submissions to senior officials and Ministers. You may also have to draft clear letters and other correspondence setting out the legal position in the context of the circumstances in each case to stakeholders and the public.

Person Specification

Essential

• A current working knowledge and understanding of both the GDPR and DPA 2018 and must be able to recognise, and advise upon, the potential impacts of such on MoJ’s existing and emerging technology systems / projects.

• A proven track record in developing and leading information assurance strategy in government, including stakeholder engagement, specifically in relation to risk,

• Proven leadership experience in an information / data management setting.

• Experience and knowledge of existing working practices within government, including technical security advice, risk management, off-shoring, data protection impact assessment, governance and compliance.

• Proven ability to adapt to changing priorities and maintain focus and alignment of the team’s activities - including experience of the management of a team of information security / assurance specialists.

• Experience of engaging with stakeholders and staff to resolve business issues and ensure effective and efficient delivery of services.

• In a comparable business environment, experience of providing evidence based, risk balanced advice to seniors, presenting complex considerations in clear and non-technical terms.

Desirable

• A data protection/GDPR qualification e.g. CIPP/E or CIPM