Governance and Compliance Manager

This job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board.

Governance and Compliance Manager

Leatherhead, Surrey (Please check commute before applying)

Competitive Salary, Company Car, Private Medical Insurance, Hybrid Working (3 days office/2 days home), Office Lunch Allowance, 25 Days Holidays plus Bank holidays with option to buy/sell, Group Income Protection, Pension 6% Matched, Free Parking, Free Car Charging, Great Flexible Benefits including Dental, Access to ECS Car Scheme and access to Hyundai Sponsored events!

Job Purpose:

Responsibility for developing, updating, deploying and monitoring adherence to policies, processes and standards related to data protection and good IT governance. Being a SPOC for all aspects of data protection and management within HMUK.

Key Responsibilities

Data protection

• Risk management - identifying, assessing, and mitigating risks that could arise from noncompliance to regulations in data protection.
• Compliance Monitoring - ensuring compliance with the GDPR and making sure IT policies and procedures are followed. Prepare compliance reports for HoS according to established frequency and on request.
• Data protection impact assessments - conducting a Data Protection Impact Assessment (DPIA) for existing operations and new projects / processes that may present a high risk to individuals (employees, customers)
• Audits - undertaking periodic internal audits and regularly updating data protection processes, support external audits
• Consent policies - establishing consent policies for data aligned with Legal Dept and Headquarter guidelines
• Customer data retention - establish the process and monitor its compliance across HMUK and 3rd parties
• Training and Awareness - educating employees about GDPR policies, procedures and best practices to foster a culture of data protection awareness. Prepare and execute an annual training plan.
• Be a key member of Data Breach Task force, Disaster management team, Business continuity team etc to manage and resolve all issues related to Data protection.
• Design and implement onboarding and offboarding processes for employees, a new vendors IT evaluation process; data sharing process and related system requirements
• Maintain an up-to-date understanding of regulatory requirements and industry changes

Governance, Project Management and Reporting

• Support HoS to develop the optimized governance and compliance strategy and the implementation roadmap, in conjunction with HME/HMC and Legal Dpt.
• Lead & Implement GDPR and governance related projects aligned with this roadmap.
• Work collaboratively with IT Security & Compliance Manager and Legal dept to validate and approve the data protection measures established by 3rd parties who have access to HMUK data
• Accountability reporting - Create internal process with clear requirements for reporting to Top management which would cover all data and information-security related issues, both handled by Legal and IT, to assure proper exchange of information and risk management
• Establish and enforce IT governance frameworks, policies, standards and processes aligned with commercial and financial business objectives.
• Design and establish process for AI tool utilisation approval
• Design and establish process for policies, procedures and processes creation, approval and update

Personal Specification

• Knowledge of Compliance and Regulations, relevant laws and standards related to Data protection
• Experienced in creating IT governance frameworks and their implementation.
• Attention to detail; meticulous approach to identifying and addressing risks.
• Process mapping experience
• Strong communication skills; proficiency in conveying good governance concepts and policies to both technical and non-technical stakeholders.
• Good project management skills (APM/PMI certification)
• At least 5 years' experience in an IT governance and / or compliance role within B2B2C businesses
• Track record of continuous learning in the governance and compliance field

Become part of a Global Company with a history of success and ambitious plans for the future. Please apply by creating your Candidate Profile and attaching your application documents in English.