Professional Documents
Culture Documents
JD (1) - 1-2-1-1-1-1
JD (1) - 1-2-1-1-1-1
Develop and drive the implementation of the data protection maturity change initiatives and be
accountable for the timely and efficient execution of said initiatives.
Ensure that data protection risks are identified, documented, managed and mitigated.
Create and maintain appropriate data protection policies and procedures and manage the
assurance programme and related audits including, but not limited to: GDPR, ISO27001
Assess compliance with the GDPR and associated tools, procedures and business processes
Complete and present to the Sr Management a comprehensive data protection risk assessment and
risk remediation plan
Advise and support the relevant Sr Management on all matters related to data protection
management, information governance and information assurance
Be the primary contact point for the relevant Sr Management and key stakeholders on data
protection management and compliance
Assist in personal data breach response
Run and manage Data Protection Improvement programme
Candidate Profile
Holds self-accountable for making decisions, managing resources efficiently, achieving and role
modelling Save the Children values
Holds the team and partners accountable to deliver on their responsibilities - giving them the
freedom to deliver in the best way they see fit, providing the necessary development to improve
performance and applying appropriate consequences when results are not achieved.
Degree level qualification in relevant Information Security, Privacy Management and/or relevant
experience (10 -12 years) within Information Security, Data Protection / Privacy Management or
Information Governance / Assurance consultancy/analyst role (essential)
Information security certification e.g., CISSP, CISM (desirable)
Recognised privacy qualifications e.g., CIPP, ISEB, C-DPO (Essential)
Expert knowledge of data protection or information governance management practices and a good
understanding of other major Information Security frameworks including IEC/ISO27001:2017
(essential)
In depth knowledge and experience of information technology and data management systems
(essential)
Well-developed and professional interpersonal skills, ability to interact effectively with people at
all levels (essential)
Experience in managing Information Security or incidents and personal data protection breaches
(essential)
Knowledge of cybersecurity and data protection risks (essential)
Experience in a similar role and understanding of the Data Protection or Information Security
risks faced by a large data-driven organisation with the ability to conduct the role independently
and with integrity (essential)
Experience in developing policy and compliance training (essential)
Experience of working within a large global organisation (desirable)
Ability to work unsupervised, exercise leadership, and influence change (essential)
Excellent writing and presentation skills (essential)
Strong change and project management skills including the ability to manage time well, prioritise
effectively, and handle multiple deadlines (essential)
Ability to use independent judgement and discretion when making majority of decisions
(essential)
Detail-orientated approach needed to recommend and implement strategic improvements on a
range of data privacy and data protection issues (essential)
Ability to handle confidential and sensitive information with the appropriate discretion (essential)
Knowledge of PC applications, including MS O365 (essential)