JOB DECSCRIPTION

Business Architecture and Transformation

The Business Architecture and Transformation (BAT) Directorate helps make sure the Ministry of Justice has an operating model (the right people, the right structure, the tools and the capability) that is fit for purpose and effective over the short and medium-term; but equally important, sets a future organisation strategy that is ambitious, effective and efficient and supports the department to implement that strategy. 

Whether focusing on the immediate challenge to improve the effectiveness of HQ, supporting the Chief Operating Officer (COO) to run a high-performing, people-focused, data-driven and efficient COO Group, or challenging the MoJ Executive Committee on the strategic shifts they might make to create an even better place to work, BAT strives to be the best Directorate to work in MoJ. We value collaboration, inclusion, authenticity, high professional standards, a passion for curiosity and a healthy appetite to deliver. 

About the Role

The MoJ People & Capability Information Assurance Lead (IA Lead) is responsible for managing Data Protection (DP) and Information Assurance (IA) governance and compliance as well as overseeing Information Management (IM) activities. The IA Lead will be the Group’s subject matter expert on the proper handling, storage, use and disposal of all information across the group, ensuring our compliance both with departmental policy and the relevant legislation, e.g., Public Records Act, Data Protection Act, etc.

The post holder will be a resilient, engaging, and influential individual focusing on maximising the impact personal data and business information has in supporting P&C’s outputs. Handling, storing, using, and disposing of information effectively is vital to the successful operation of the group and the delivery of people services as it enhances collaborative working and underpins better decision making.

They will lead engagement with stakeholders to raise the profile of DP, IA and IM and demonstrate their importance to the organisation’s operation though improved collaboration and better decision making based on well managed information.

This role can be based in any Ministry of Justice HQ office, JSO, JCC and some travel to London and other offices may be required for in-person meetings, to be agreed according to business need.

Main Activities / Responsibilities

Data Protection & Information Assurance

• As Information Assurance Lead you will be P&C’s Data Protection subject matter expert and provide advice to business areas on complying with the relevant legislation in line with departmental and ICO guidance and standards, including the use of Privacy Notices, Data Protection Impact Assessments (DPIA), and Data Sharing Agreements to ensure sensitive information is processed ethically and legally.

  • Working with the G7 to provide the HR Senior Information Risk Owner (SIRO) with regular reports for P&C on data protection matters including outcome of audits and compliance checks, complaints, breaches/incidents, and any related issues.

  • Identify, report and work to mitigate risks and breaches/incidents, escalating to the Dep SIRO where appropriate.

  • Assess and approve internal and external data subject rights requests, e.g., right to be forgotten requests, Subject Access Requests, etc.

• Conduct assurance activities to ensure compliance with UK GDPR and Data Protection Act 2018, including audits and action plans where there is non-compliance to mitigate the identified risk or issue.

• Educate P&C staff on the need to complete DPIAs where they need to use personal data to deliver their outputs, providing the staff completing these with specialist data protection advice.

• Work with Security & Information Directorate (SID) teams to champion and comply with data protection and information security policies.

  • Respond to requests for MoJ HR data from internal and external agencies, assessing their validity and ensuring the necessary documentation is completed setting out all parties’ responsibilities for handling and use.

Information Management

• Lead the HEO Information Manager and EO Information Officer in promoting the benefits of Knowledge & Information Management (KIM), ensuring all business areas receive the correct advice on how to manage their information to comply with legislation, departmental policy and recognised best practice.

• Confidently communicate the importance of information management to the efficient running of the Group via various methods such as writing newsletter articles and delivering presentations and briefs to key groups such as the Senior Leadership Team, including DG P&C

• Oversee the development of a network of focal points across P&C to understand and support their area’s key information needs, including providing information-related training sessions for all People Group staff.

• Review proposed designs for functional file structures so that they can be implemented to provide collaborative working areas on all relevant systems, e.g., MS Teams, SharePoint, etc.

• Work with MoJ Information Services Division leadership (G6 & G7s) to plan and oversee the implementation of incoming information capability enhancements such as the Digital Records Roadmap, new collaborative working tools, etc.

• Ensure the HEO and EO carry out timely reviews of registered files (both electronic and hardcopy) in accordance with departmental policy and the Public Records Act

• Work with Information Asset Owners (DD-level) to make sure they are aware of their responsibilities and are being supported in identifying and managing personal information assets.

• Ensure the delivery of the People Group’s information stores, e.g., SharePoint, MS Teams, etc. Ensuring users are upskilled and made aware of the features these tools bring to improve collaborative working. Explore opportunities to simplify or automate processes to improve efficiency.

Support to the G7 Dep SIRO

• Deputise for the Dep SIRO as and when required, including attending departmental data protection and information-related Boards and sub-committees.

• Provide regular reports for the Dep SIRO on data protection and information management matters including the outcome of audits and compliance checks, complaints, and any related issues.

• Ensure all DPIAs are completed to an acceptable standard for the Dep SIRO to review and approve.

Management of Resources

You will line manage 1 x HEO Information Manager and be the countersigning officer for 1 x EO Information Officer

You will be accountable to the People & Capability (P&C) Deputy Senior Information Risk Owner (Dep SIRO)

Essential Criteria

Behaviours

Seeing the Big Picture

• Evidence of ability to work confidently and effectively and at a strategic level whilst demonstrating strong leadership and management skills.

• Excellent strategic and tactical thinking skills, to understand the impact of actions. And the ability to change gears: to know when to slow down and be reflective, and when to move at pace to drive toward a conclusion.

Changing and Improving

• An experienced Government Knowledge & Information Management (GKIM) professional with a proven track record of delivering information management support to their organisation.

• History of successfully managing KIM projects to deliver business improvements including better collaboration and increased efficiency and security.

• Willingness to take ownership for risks and issues as they arise, and to pro-actively lead on proposed solutions to problems, experience of positively adapting to and embracing change.

Communicating and Influencing

• Be able to deliver often quite technical messages in a simple, highly effective manner, ensuring the importance of information management is understood as well as showing how we can assist in delivering business improvements to gain buy-in from teams.

Working Together

• Demonstrate an ability to build, manage and maintain effective working relationships with stakeholders. This will be internally across all areas of People Group as well as externally with the central Security & Information Group (SIG) teams.

Statement of Suitability

• Expert knowledge of data protection laws and practices, as well as in in-depth understanding of the UK General Data Protection Regulation (UK GDPR) and knowledge of the UK Data Protection Act 2018.

• Strong background in Record and information management, developing and managing information and data security assurance programmes, including with third parties with the confidence to act as a leading authority to all relevant business units.

Desirable Criteria

• Qualification in Data Protection, e.g., Certified Information Privacy Professional Europe (CIPP/E) or be willing to undertake the necessary studies to obtain these qualifications.

• Membership of a relevant chartered/professional institute, e.g., Information & Records Management Society (IRMS), International Association of Privacy Professionals (IAPP)

We may consider any evidence within the application form that demonstrates meeting the desirable criteria as set out in the job description. This will only be after essential criteria is scored and where there is a need to differentiate between closely scored candidates.

Application process

You will be assessed against the Civil service success profiles framework.

Sift

Experience

• You are required to submit a CV (this must be anonymised)

• Statement of Suitability (no more than 750 words). Please ensure you include examples of job experiences that cover the two specific essential criteria above, would contribute and benefit you delivering this role, and demonstrates knowledge and experience of both data protection and information management.

Behaviours

Please provide examples of how you meet the behaviours (listed below). In your answers please address the points listed in the behaviour section of the essential criteria:

• Seeing the Big Picture (lead behaviour)

• Changing and Improving

• Communicating and Influencing

• Working Together 

Please refer to the CS Behaviours framework for more details at this grade:

Success Profiles: Civil Service behaviours - GOV.UK

If we receive a large number of applications, we will carry out an initial sift on statement of suitability.

Candidates invited to Interview

Please note that interviews will be carried out remotely via MS Teams and are expected to take place in late August 2025/early September 2025.

During the interview, we will be assessing you on:

Behaviours

You will be asked for examples of how you meet these behaviours:

• Seeing the Big Picture (lead behaviour)

• Changing and Improving

• Communicating and Influencing

• Working together

Strengths

You will be asked questions on a range of strengths.

Contact point for applicants

For more information about the role please contact: mark.thomas2@justice.gov.uk