Careers at Data Protection People

Data Protection People are a fast growing consultancy based in the UK with a head office in Leeds. We have the current vacancies available.

To make an application for one of our roles, or to speculatively submit your CV to our recruitment manager, please email it to [email protected]

Unfortunately, we’re unable to offer employment to anyone who does not have the right to work in the UK. Further information on working in the UK and work permits is available on the following UK government site:

Please Note: Strictly No Agencies

Information Governance Officer

Job Description

Due to the success and increased demand of Data Protection People we are recruiting Information Governance Auditors to join our small friendly Audit team. The successful applicant will be required to travel throughout the UK with regular overnight stays.

Key Purpose

To undertake audits/reviews of organisations’ data collection, processing and handling of personal data against the requirements of the UK’s data protection legislation including the General Data Protection Regulation (GDPR), Privacy and Electronic Communications Regulations (PECR), Freedom of Information Act (FoIA), the Payment Card Industry Data Security Standard (PCI-DSS), ISO27001 and other information governance standards.

Main Responsibilities

The responsibilities within this role are:

  • Attend customer sites and undertake audits;
  • Prepare feedback reports of audit findings;
  • Create remediation plans and recommendations to bring business practices in line either with organisational policy and procedure and/or in line with the law.
  • Present audit findings and recommendations to clients.

Key Functions

  • Follow approved company processes to deliver a quality and consistent service;
  • Maintain contact with clients using the process and framework in place;
  • To work with the client to ensure successful preparation has been undertaken and that relevant legislation/standards are defined within the scope of the audit;
  • Represent the image of the company while working onsite with the Client;
  • Conduct audits to test and verify the effectiveness of the client’s work practices against the requirements set out in the relevant legislation/standard including their Information Governance Assurance Framework, structure, policies and protocols.
  • Identify weaknesses and strengths and non-compliant behaviours and make recommendations for improvement based on recognised best practice or legal obligations;
  • Produce a timely high-quality report and analysis using approved templates;
  • Conduct peer reviews of colleagues’ reports;
  • Review the report, its findings and recommendations with clients;
  • Personal development including research, reading and keeping up-to-date with data protection legislation, information governance standards, guidance, and case law and other relevant and related information;

Skills needed

  • Proven experience in Audit or Information Governance;
  • Knowledge of the different laws and legislations governing the Information Governance Assurance Framework;
  • Outstanding attention to detail;
  • Be process driven;
  • Excellent report writing and presentation skills;
  • Good interpersonal, influencing, communication and organisation skills;
  • Ability to work independently and plan own workload to meet deadlines;

Work Location

Auditors will be required to work from a variety of locations including client sites, home and the Data Protection People office in Leeds.  Auditors who do not live in the Leeds area will be expected to work from home as their main place of work and will be expected to have suitable work place arrangements for home working.  We would expect one or two days each week to be home or office based.

The salary is dependent upon experience.

Data Protection and Information Governance Consultant

Job Purpose

To provide support to DPP’s data protection consulting team as required.

Reporting to

Director of Consulting Services

Key Functions

To provide services to DPP’s clients including:

  • Attending various client sites to fulfill or assist in the fulfillment of DPP’s contractual obligations;
  • Writing up notes, opinions, reports and other documents as required to fulfill DPP obligations and satisfy client needs;
  • Carrying out research both into the privacy arrangements of clients as well as into technical aspects of privacy and data protection law, legal cases, undertakings, official guidance and the professional opinions of other practitioners;
  • Supporting and assisting clients to develop and implement appropriate policies and other actions and to ensure that they are complied with.

Providing as required sales support including:

  • Writing sales proposals and scope of work
  • Preparing marketing and promotional materials including blogs
  • Providing support to colleagues including DPP trainees as required;
  • Continuing professional development (CPD).

Main Responsibilities

Supporting the Consulting team and customers:

  • To attend client sites to engage with clients and their employees and agents as required to help achieve client objectives for DPP projects and contracts and deliver projects in accordance with the scope of work;
  • To undertake preparation in advance as required for client meetings and/or DPP projects creating appropriate notes, references and documentation and sharing this with other team members as necessary;
  • To meet with, interview, and discuss matters relevant to DPP projects maintaining accurate notes of conversations and observations;
  • To create notes, reports and other documentation as necessary from meetings conversations, findings and observations etc. in a timely, accurate and professional manner and using the approved templates and central DPP resources as appropriate;
  • To write up documentation as required for presentation to clients to a professional standard required by DPP;
  • To act in a professional and courteous manner at all times and with integrity and confidentiality and do nothing which brings the company or any of its employees or agents into disrepute.
  • To log, and handle inbound customer DP and privacy queries in a timely and professional manner seeking appropriate guidance from the Consulting team as required and strictly in accordance with customer SLAs and DPP work practices.
  • To promptly follow-up on customer queries, requirements or actions.
  • To plan and utilise time efficiently and effectively.
  • To maintain accurate records of time and expenses incurred and to promptly provide same to DPP as required.
  • Ensuring that your own professional development needs are attended to and that you continue to be aware of developments in relevant legal fields.
  • To support pre-sales efforts as required including writing proposals, undertaking peer-review of documentation
  • To work within the consulting framework as set out by DPP and amended from time to time
  • To positively contribute to the development of the company and its services.
  • Any other relevant duties as agreed from time to time.

Person Specification

Candidates should have a thorough understanding of data protection and information rights law and its application in a range of organisational settings.  Candidates must be able to investigate, examine, and critically analyse data protection and privacy-related activities and relevant business processes and test what they find against regulatory and statutory obligations.

Candidates must be confident presenters, articulate and able to explain complex scenarios in easy to understand terms.

Candidates must be prepared to travel across the United Kingdom.

The salary is dependent upon experience.

Please Note: Strictly No Agencies