Data Protection Manager reference: 5768057680

We encourage applications from people from all backgrounds and aim to have a workforce that represents the wider society that we serve. We pride ourselves on being an employer of choice. We champion diversity, inclusion and wellbeing and aim to create a workplace where everyone feels valued and a sense of belonging. To find out more about how we do this visit:

https://www.gov.uk/government/organisations/ministry-of-justice/about/equality-and-diversity.

The Role

We’re recruiting a Data Protection Manager on a permanent basis here at MoJ (Ministry of Justice) Security and Information Governance Group, to be part of our warm and collaborative Data Protection Team.

Knowledge and information are the lifeblood of the Ministry of Justice (MoJ). They can transform the way we deliver public services as well as the relationship between government and public. It is important for the Department to show that we are capable of handling information carefully as well as making it readily available and widely accessible wherever we can and should. Managing information well can have a direct impact on our ability to deliver core services to our customers.

The Data Protection Team is responsible for helping business groups across the department manage and use personal information in a manner compatible with the law. Its core function is to promote compliance with the Data Protection Act (DPA) 2018 and the UK General Data Protection Regulation across policies, projects, processes and services which involve personal data, through the provision of bespoke advice, training and guidance to business areas.

Reporting to the Data Protection Strategic Lead you will have a leading role in contributing to improvements to the way the department manages its personal data including responsibility for promoting adherence to and providing guidance across a vast spectrum of business areas on information legislation; you will also be part of the management of high impact incidents involving personal data.

Key Responsibilities include:

Act as principle point of contact for a number of the MoJ’s component agencies/ organisations and central work-streams; providing expert advice and guidance on the application of data protection legislation in their business area and particular circumstances. You will have to deal with complex issues and will need to be able to produce accurate advice on compliance matters quickly, to a high standard.Contribute to commissions from within the business and cross-government, to help ensure the proper application of data protection law and reliance on appropriate legal gateways to data processing mindful of the potential risks and outcomes associated with such.Review and advise upon Data Protection Impact Assessments (DPIAs) and data sharing agreements / memorandums produced (or in production) to mitigate privacy risks and advise on potential solutions and changes to processes / policies proposed to aid both their legal and practical application.Build and maintain excellent working relationships with key colleagues in the Ministry, its executive agencies as well as with other government departments.The role also provides the opportunity to draft a range of written communications including advice and submissions to senior officials and Ministers. You may also have to draft clear letters and other correspondence setting out the legal position in the context of the circumstances in each case to stakeholders and the public.

Person Specification

Essential

A current working knowledge and understanding of both the GDPR and DPA 2018 and must be able to recognise, and advise upon, the potential impacts of such on MoJ’s existing and emerging technology systems / projects.A proven track record in developing and leading information assurance strategy in government, including stakeholder engagement, specifically in relation to risk,Proven leadership experience in an information / data management setting.Experience and knowledge of existing working practices within government, including technical security advice, risk management, off-shoring, data protection impact assessment, governance and compliance.Proven ability to adapt to changing priorities, and maintain focus and alignment of the team’s activities - including experience of the management of a team of information security / assurance specialists.Experience of engaging with stakeholders and staff to resolve business issues and ensure effective and efficient delivery of services.In a comparable business environment, experience of providing evidence based, risk balanced advice to seniors, presenting complex considerations in clear and non-technical terms.

Desirable

A data protection/GDPR qualification e.g. CIPP/E or CIPM