Data Protection Officer

Data Protection Officer | 3 Month Contract | South London | 2-3 days on-site | Inside IR35

Overview
An experienced Data Protection Officer (DPO) is required to lead and embed data protection compliance across a large, complex organisation. This role will take ownership of the data protection framework, ensuring alignment with UK data protection legislation and best practice, while safeguarding the confidentiality, integrity, and availability of personal data.

Key Responsibilities

Leadership & Strategy:

• Develop, implement, and continuously refine a comprehensive data protection framework aligned to organisational objectives.
• Lead ongoing data protection risk assessments and ensure appropriate mitigation measures are in place, including maintaining Records of Processing Activities (ROPA).
• Monitor and evaluate the effectiveness of data protection controls and governance arrangements.

Compliance & Advisory:

• Act as the organisation's subject matter expert on data protection, providing guidance across all business areas.
• Ensure adherence to applicable legislation, including UK GDPR and the Data Protection Act 2018.
• Maintain accurate and up-to-date records of data processing activities.
• Conduct audits and compliance reviews, identifying and addressing gaps.
• Review and advise on contractual arrangements involving data sharing and third-party processing.

Data Subject Rights:

• Oversee the handling of data subject rights requests
• Ensure responses are managed within statutory timeframes and to a high standard.

Incident & Breach Management:

• Establish and maintain an effective data breach response framework.
• Lead investigations into suspected breaches and manage reporting obligations with relevant authorities.

Data Protection Impact Assessments (DPIAs):

• Conduct DPIAs for high-risk processing activities.
• Ensure DPIAs are regularly reviewed and remain compliant over time.

Training & Awareness:

• Design and deliver organisation-wide data protection training programmes.
• Promote a strong culture of data protection awareness and accountability.
• Enable staff to recognise and appropriately escalate potential data risks or incidents.

Regulatory Engagement:

• Act as the designated Data Protection Officer with the relevant supervisory authority.
• Serve as the primary point of contact for regulatory bodies.
• Support and cooperate with regulatory investigations and enquiries.

Required Experience

• Demonstrable experience (typically 4+ years) in a DPO or Deputy DPO capacity within a regulated environment.
• Experience within large, complex organisations is highly desirable, particularly within the public sector or similarly governed environments
• Strong working knowledge of UK data protection legislation and associated regulatory frameworks.
• Broad understanding of information governance, privacy obligations, and compliance standards.
• Familiarity with technical and organisational security controls supporting data protection.
• Proven capability to lead and deliver initiatives in a structured and organised manner.

If this sounds like a fit, APPLY NOW!

Data Protection Officer | 3 Month Contract | South London | 2-3 days on-site | Inside IR35

Oscar Associates (UK) Limited is acting as an Employment Business in relation to this vacancy.

To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.