Privacy and Data Protection Analyst - Operations

Location/s: Glasgow, Newcastle, Birmingham or Bristol
Recruiter contact: Nikki George

About the business unit  

Mott MacDonald’s support services are the driving force behind our organisation enabling us to run efficiently and effectively. The team works collaboratively to offer specialist advice, best practice and technology to all areas of our business specifically designed for our global reach. 

The Group Head of Privacy and Data Protection and his team operate as a global advisory, compliance, and assurance function. The role of Privacy and Data Protection Analyst - Operations, is focussed on supporting these activities by ensuring the effective and efficient operation of business processes and systems that support the work of the team (and the delivery of the wider privacy and data protection compliance programme).

Job description

• Informing and advising Mott MacDonald colleagues across the globe of their general obligations under applicable privacy and data protection laws (including the UK General Data Protection Regulation and Data Protection Act 2018).
• Managing the Privacy and Data Protection Team email inbox and triaging enquiries to ensure they are prioritised appropriately (either using your knowledge and expertise to respond directly, directing colleagues to the appropriate internal resources on the corporate Intranet (Compass) and/or business management system (STEP), or escalating to another member of the team as appropriate).
• Acting as the super-user/administrator for Mott MacDonald’s instance of the OneTrust privacy management platform used to manage: Personal Information Risk Assessments (PIRAs), Personal Information Compliance Assessments (PICAs), and Asset Discovery Questionnaires (ADQs); individual rights requests (including ‘Subject Access Requests’); the Group’s statutory ‘record of processing activities’ (ROPA); and data breach incident reporting. This includes adding and training new users, liaising with the OneTrust service desk as required to raise tickets and resolve issues/incidents, and maintaining an advanced level of technical expertise.
• Advising colleagues on whether PIRAs or ADQs are required for new projects, initiatives, or systems/applications and providing guidance on how these assessments should be conducted.
• Working with internal stakeholders (including IT and cyber/information security teams) to co-ordinate the timely identification, reporting, logging, investigation and resolution of personal data breaches.
• Capturing and collating statistical information and performance metrics related to privacy and data protection compliance. Liaising with the Group Risk Team to update associated Key Risk Indicators that are reported to the Group’s Risk Committee and Executive Board.
• Managing the vendor registration and due diligence process on behalf of the Privacy and Data Protection Team (liaising with vendor contacts and colleagues in Mott MacDonald’s procurement teams). Raising purchase orders and liaising with vendor contacts and colleagues in the Accounts Payable team to ensure that invoices are accurate and processed/paid on time.
• Co-ordinating the maintenance and periodic review of privacy and data protection content published: (1) on the corporate Intranet (Compass); (2) on the Group’s business management system (STEP); (3) in ‘Bid FAQs’ used by colleagues when responding to compliance questions from prospective clients; and (4) in a suite of bespoke eLearning courses.
• Proactively co-ordinating and supporting the Group’s efforts to achieve certification under ISO/IEC FDIS 27701. Attending external training sessions; participating in internal gap analysis sessions and external benchmarking audits; mapping existing policies, requirements, and guidance to the standard; and ensuring that supporting evidence of compliance (process maps and other documents/records) is being created, collated, and maintained.
• Co-ordinating and supporting the Privacy Practitioner Network (approximately 70 volunteers embedded within the business worldwide). Ensuring the relevant Intranet page, email distribution list, and DataGuidance subscriptions are updated when members join or leave the group; arranging quarterly regional forums; and helping to maintain global coverage (with at least one practitioner in each jurisdiction where Mott MacDonald operates).

Essential:

• A confident and articulate self-starter able to manage and prioritise a large and varied workload, work independently, take decisions on your own initiative within defined parameters, and meet challenging deadlines (whilst managing the expectations of others).
• Excellent IT and administrative skills (including extensive experience of using SharePoint and other Microsoft applications).
• Experience of working with OneTrust or other privacy management systems/applications.
• Experience of handling sensitive/confidential information with discretion; and a strong commitment to uphold ethical standards and maintain your professional integrity.
• Able to assimilate and interpret information quickly; and can explain complex processes or requirements to colleagues without using confusing technical or legal jargon.
• Able to communicate effectively (and respectfully) with colleagues, data subjects, commercial partners and other external stakeholders irrespective of national boundaries and cultures.

Desirable:

• An awareness of privacy and data protection laws (and associated regulatory frameworks) and experience of providing practical advice on the interpretation and application of those laws.
• Experience of acting as a OneTrust Site Admin or a super/admin user for another privacy management system/application.
• A certification from OneTrust (for example the OneTrust Expert Certification) and/or the International Association of Privacy Professionals (for example the CIPP/E or CIPT).
• Experience of supporting the response to personal data breaches; and an understand of the potential impact this type of incident can have on the individuals affected, as well as the processor(s)/controller(s) involved.
• Experience of co-ordinating the resolution of individual rights requests (for example Subject Access requests and/or deletion requests).
• Experience of supporting and promoting behaviour change (focussed on building an effective privacy and data protection compliance culture) within a large, complex, multi-site organisation.
• General awareness of information security and records management issues.
• Experience of dealing with invoicing/payment processes and using finance/ERP systems.

We are actively recruiting a diverse workforce that is reflective of the communities we serve. We recognise that differences in ability, skills and experience are a strength and encourage applications from people of all backgrounds. 

#LI-NG

UK Immigration
 
Mott MacDonald Ltd. are not currently offering sponsorship to candidates under the Skilled Worker visa route in the UK. This decision is as a consequence of the changes made to the Skilled Worker route by the UK Government in April 2024. We continue to welcome applications from candidates who are eligible for alternative immigration routes in the UK, that do not require sponsorship as a Skilled Worker now or in future

Mott MacDonald

Position location: Glasgow, Newcastle, Birmingham or Bristol
Recruiter contact: Nikki George

We’re a global engineering, management, and development consultancy.
Our purpose is to improve society by considering social outcomes in everything we do, relentlessly focusing on excellence and digital innovation, transforming our clients’ businesses, our communities and employee opportunities.

A fundamental part of this is respecting each person’s differences and striving to meet their needs.

Our values: Progress, Respect, Integrity, Drive, Excellence.

Equality, diversity, and inclusion 

We put equality, diversity, and inclusion at the heart of our business, seeking to promote fair employment procedures and practices to ensure equal opportunities for all. We encourage individual expression in our workplace and are committed to creating an inclusive environment where everyone feels they can contribute.

Accessibility

We want you to perform your best at every stage in the recruitment process. If you are disabled or need any support to enable you to apply or attend an interview, please contact us at reasonable.adjustments@mottmac.com and we will talk to you about how we can support you.

Agile working 

Happy to talk Flexible Working and how we can support your responsibilities beyond the workplace.

We offer some fantastic benefits including:

• Pension matched up to 7%   
• Life insurance 
• An annual professional institution subscription   
• Continuous development opportunities – because we want you to thrive  
• Agile/flexible working – because life isn’t 9-5  
• Enhanced parental leave; shared parental leave policies – for parents and care givers  
• Annual bonus scheme  
• Flexible benefits that suit you, including ability to buy/sell annual leave entitlement, cycle to work & interest free season ticket loans 
• Wellbeing support including access to an independent Employer Assistance Scheme, wellbeing champions and access to learning and support resources 
• Access to our Advanced Employee Networks which support our LGBTQ+, gender, race and ethnicity, disability and parents/carers communities 
• The opportunity to make a difference; learn more about our social outcomes

Apply now, or for more information about our application process, click here.