Data Protection Manager

Roles and Responsibilities

 Develop and drive the implementation of the data protection maturity change initiatives and be
accountable for the timely and efficient execution of said initiatives.
 Ensure that data protection risks are identified, documented, managed and mitigated.
 Create and maintain appropriate data protection policies and procedures and manage the
assurance programme and related audits including, but not limited to: GDPR, ISO27001
 Assess compliance with the GDPR and associated tools, procedures and business processes
 Complete and present to the Sr Management a comprehensive data protection risk assessment and
risk remediation plan
 Advise and support the relevant Sr Management on all matters related to data protection
management, information governance and information assurance
 Be the primary contact point for the relevant Sr Management and key stakeholders on data
protection management and compliance
 Assist in personal data breach response
 Run and manage Data Protection Improvement programme

Candidate Profile
 Holds self-accountable for making decisions, managing resources efficiently, achieving and role
modelling Save the Children values
 Holds the team and partners accountable to deliver on their responsibilities - giving them the
freedom to deliver in the best way they see fit, providing the necessary development to improve
performance and applying appropriate consequences when results are not achieved.
 Degree level qualification in relevant Information Security, Privacy Management and/or relevant
experience (10 -12 years) within Information Security, Data Protection / Privacy Management or
Information Governance / Assurance consultancy/analyst role (essential)
 Information security certification e.g., CISSP, CISM (desirable)
 Recognised privacy qualifications e.g., CIPP, ISEB, C-DPO (Essential)
 Expert knowledge of data protection or information governance management practices and a good
understanding of other major Information Security frameworks including IEC/ISO27001:2017
(essential)
 In depth knowledge and experience of information technology and data management systems
(essential)
 Well-developed and professional interpersonal skills, ability to interact effectively with people at
all levels (essential)
 Experience in managing Information Security or incidents and personal data protection breaches
(essential)
 Knowledge of cybersecurity and data protection risks (essential)
 Experience in a similar role and understanding of the Data Protection or Information Security
risks faced by a large data-driven organisation with the ability to conduct the role independently
and with integrity (essential)
 Experience in developing policy and compliance training (essential)
 Experience of working within a large global organisation (desirable)
 Ability to work unsupervised, exercise leadership, and influence change (essential)
 Excellent writing and presentation skills (essential)
 Strong change and project management skills including the ability to manage time well, prioritise
effectively, and handle multiple deadlines (essential)
 Ability to use independent judgement and discretion when making majority of decisions
(essential)
  Detail-orientated approach needed to recommend and implement strategic improvements on a
range of data privacy and data protection issues (essential)
 Ability to handle confidential and sensitive information with the appropriate discretion (essential)
 Knowledge of PC applications, including MS O365 (essential)

Perks and Benefits

 Salary 12 to 18 lakh per annum including Project completion bonus
 Full time work from home role
 Possibility of onsite travel