Data Protection Officer

At Gentrack, we are committed to ensuring that all our customers' data is protected, and that our work complies with data protection legislation.

We’re seeking a Data Protection Officer to help us improve our management of potentially sensitive information, carry out regular internal security audits, and act as the main point of contact between Gentrack and the data protection authorities.

Our ideal team member will have excellent organizational, communication, management skills, and also the ability to lead training sessions and workshops with members of staff. You’ll often be asked to work independently in this role, but also to communicate with all relevant employees as you promote a culture of data protection compliance within the organization.

**Principal Responsibilities / Accountabilities**: _List the Principal Accountabilities that lead to achieving the “Main Purpose of the Position”_

**Data Protection**
- Work with colleagues and other stakeholders to continue to implement the data protection programme roadmap, in line with Gentrack’s strategy and goals for innovation
- Coordinate and/or contribute to Data Protection Steering Committee meetings discussions
- Develop, implement, and continually improve data protection policies, standards, guidelines, and controls
- Provide strategic and operational data protection compliance advice
- Work with the Executive Committee, Senior Leadership Team, and other line managers to identify data protection risks and implement appropriate mitigating controls
- Work with business areas to ensure data protection controls are embedded and operationalised
- Monitor and report on the implementation and effectiveness of data protection controls
- Fulfil the tasks of the DPO as defined by Article 39 of the GDPR
- Ensure the importance of data protection is at the core of day-to-day activities
- Develop the data protection strategy, framework, privacy notices, policies, processes, and systems
- Negotiate data protection clauses in data sharing and supplier contracts
- Co
- design a cross-organisation framework with Infosec and Data Governance Team
- Preparing and delivering data protection training for all the business functions and relevant external third parties
- Establish a process for and monitor actual compliance of policies and with applicable laws and regulation
- Complete risk assessments and establish ongoing controls, tools, and templates to ensure compliance across all business functions
- Act as the primary point of contact within the organization for members of staff, regulators, and any relevant public bodies on issues related to data protection
- Ensure the company’s policy is in accordance with General Data Protection Regulation (GDPR) and codes of practice
- Evaluate the existing data protection framework and identify areas of non or partial compliance and rectify any issues
- Devise training plans and provide data protection advice and support for members of staff
- Inform and advise the Data Controller or Data Processor on all matters related to data protection
- Promote a culture of data protection compliance across all units of the organization

**Customer Focus**
- Placing the customer and the success of the business at the centre of all thought, analysis, response, and decision making.
- Engaging with and supporting internal teams, third parties and customers through effective and appropriate channels.
- Representing the business as a Data Protection lead in direct communication with customers.

**Personal Attributes**
- Excellent interpersonal skills demonstrating a positive, reasoned, confident, and approachable attitude to others.
- Excellent team player, supporting others and delegating work.
- Pragmatic in approach to work and able to manage multiple work streams with competing priorities.
- Excellent troubleshooting skills, working through issues logically.
- Excellent attention to detail.
- Self-aware of knowledge gaps and when to seek help from colleagues.
- Using initiative and proactively progresses each using best practice.
- Identifying opportunities for continuous improvement and minimising risks.
- Sharing knowledge through collaborative working and documentation.
- Mentoring and helping develop less experienced and knowledgeable colleagues.
- Enjoys challenges and sees them as opportunities.
- Is keen to learn and develop technical and process framework knowledge.
- Open minded, consultative approach. Effective at listening and articulating opinions in a professional capacity.
- Comfortable with asserting own views and challenging others as well as being challenged by others.
- Has a flexible working attitude and recognises some ‘give and take’ is required with the business.

**Qualifications / Education**
- Minimum of three years’ experience working in data protection compliance or a related field
- Expertise in European data protection laws and practices including an in-depth understanding of the GDPR
- Experi