Compliance Analyst (Information Assurance)

Ref
Application Status Filled
Closing Date
Contract Full Time
Starting Salary 35000
Benefits
Location Cargo Fleet
Head Office Town Middlesbrough
Head Office Postcode TS6 6PT
Country UK

This job has now closed to new applications.

Subscribe Here
for notifications on new jobs added to the site matching your skills
Roles and Responsibilities

Regulatory Compliance and Data Protection

  • Monitor compliance with GDPR, national data protection laws, and organizational data protection policies.
  • Conduct and document Data Protection Impact Assessments (DPIAs) for new projects, systems, and processes.
  • Maintain a register of processing activities (ROPA) and ensure it is up-to-date and accurate.
  • Support the implementation of privacy by design and default principles in all data-handling activities.
  • Support with maintaining, updating, and reviewing compliance-related documentation, including policies, procedures, and guidelines, ensuring they are up to date and in line with regulatory changes.

Data Classification and Management

  • Support and  maintain data classification frameworks to ensure data is categorised and handled appropriately based on sensitivity and regulatory requirements.
  • Collaborate with data owners and custodians to establish and enforce data access controls.
  • Conduct audits to ensure adherence to data classification and handling policies.

Information Security Projects

  • Support information security initiatives, including risk assessments, policy development, and incident response planning.
  • Collaborate with the IT team to implement technical and organizational measures for data protection and security.
  • Participate in security audits and risk assessments to identify compliance gaps and recommend remediation actions.
  • Ensure that security measures align with compliance requirements and data protection regulations.
  • Work closely with the Information Assurance and Security Lead to establish risk treatment plans, track progress, and validate the effectiveness of implemented controls.

Stakeholder Engagement and Reporting

  • Act as a key liaison between IT, Legal, HR, and other departments to address compliance and data protection concerns.
  • Provide expert guidance on data protection issues and regulatory changes affecting the organization.
  • Prepare and present compliance reports, metrics, and insights to senior management and relevant committees.
  • Assist in responding to data subject access requests (DSARs) and other regulatory inquiries.
Experience Required
  • Strong knowledge of GDPR and other relevant data protection regulations (e.g., CCPA, UK Data Protection Act).
  • Experience with conducting DPIAs and managing ROPAs.
  • Familiarity with data classification frameworks and tools.
  • Understanding of information security concepts, such as risk management, access control, and encryption.
  • Proficiency in compliance and security tools (e.g., OneTrust, Varonis, or similar platforms).
  • Excellent analytical skills with the ability to assess compliance risks and recommend solutions.
  • Strong communication and interpersonal skills to effectively engage with stakeholders at all levels.
  • Detail-oriented with strong organizational and documentation abilities.
  •  Ability to manage multiple projects and prioritise tasks in a fast-paced environment.
Qualifications Needed
  • Bachelor’s degree in Information Security, Law, Business Administration, or a related field.
  • Minimum 3 years of experience in data protection, compliance, or information governance roles.
  • Certification in GDPR or data protection (e.g., CIPP/E, CIPM, or CIPT).
  • Information security certifications, such as ISO 27001 Lead Implementer, CISSP, or equivalent.
  • Experience supporting security projects, such as vulnerability assessments or incident response.
Keywords:
IT Systems

Advertise Here