Data Protection Manager

A leading UK law firm with a network of offices from the South Coast to Scotland, working together as one national team. An innovative practice and the first top 100 law firm to achieve “Gold Standard” Investors in People, our values and culture are not just words on our website but are the heartbeat of the firm. The lack of barriers between departments, a real lack of hierarchy, zero tolerance for arrogance and pomposity makes Shoosmiths a fantastic place to work.

Shoosmiths LLP is authorised and regulated by the Solicitors Regulation Authority (SRA) and is also recognised as a multi-national practice with the Law Society of Scotland which regulates Scottish activities. We are also authorised and regulated by the Financial Conduct Authority (FCA) to carry out financial services regulated activities, including but not limited to insurance mediation and investment services. 

Quality and Risk (“Q&R”) is at the heart of everything that we do and in line with our strategic goals to develop and grow, a newly created opportunity has arisen to join our ambitious team.  The Q&R Directorate works across all offices and is fully supported by the Chief Executive, the Compliance Officer for Legal Practice and senior management.  The Directorate helps and supports everyone in the firm to ensure that the firm meets all of its regulatory and legislative objectives and ensure that risk management processes are embedded into the firm’s culture.

We are seeking an additional subject matter expert who will be instrumental in helping us achieve our team and firm objectives. Ideally you will have a proven track record in advising, managing and delivering solutions across compliance and risk matters. More specifically, detailed knowledge of Data Protection Act (DPA) and the General Data Protection Regulation. Knowledge of the SRA rules, the Law Society of Scotland rules, Money Laundering Regulations 2017,  the Proceeds of Crime Act 2002 and FCA rules would be an advantage.

To be up to the challenge, our preferred candidate will have a passion for compliance and thrive in working with complex and at times demanding matters. This will suit a commercially minded compliance expert with a passion in delivering exceptional service across all levels. 

• Maintains, reviews and oversees the whole firm Data Inventory (DI), in liaison with Information Security
• Coordinates Subject Access Requests across Shoosmiths.
• Coordinates data destruction requests (Client/Customer/Employee).
• Coordinates data portability requests.
• Coordinates change requests i.e. Privacy Notices/Customer Information Notices.
• Coordinates Data Breaches and assists with resolution and actions.
• Reviews Privacy Impact Assessments to ensure Shoosmiths are undertaking these as required.
• Undertakes root cause analysis of data breaches and incidents and resultant best practice actions.
• Have oversight of regulatory development in data protection and leading the change requirements across Shoosmiths.
• Undertake relationship management with the Information Security team.
• Identify Data Protection education and training requirements in liaison with Learning and development and Shoosmiths Practice Groups.
• Monitoring of data protection activity across the firm, including where appropriate floor walking and identification of potential breaches.
• Provide reporting as required on data protection: Data Inventory, Subject Access Requests, data destruction, data portability, breaches, monitoring, regulatory developments and training.
• Design and develop effective policies and procedures to meet data protection requirements.
• Assist the firm to meets its regulatory and strategic objectives.
• Being involved in Q&R projects either as a part of a team or individually to manage risk across the business.

Person specification

• Proven experience of working at a senior level within a risk and compliance environment within professional services
• Experience and understanding of Data Protection Act and the GDPR
• Experience of managing processes and assisting in project delivery.
• Experience of writing clear policies, processes and procedures in plain English
• Experience of dealing with multiple requests and coordination across the business

Desirable:

• Previous legal sector experience and an understanding of practice groups are preferred
• Experience and understanding of SRA rules
• Experience and understanding of FCA rules

Personal Attributes

• Energetic and self-motivated
• Strong negotiating skills
• Listens and informs with equal commitment
• Proven ability to think independently
• Engages with and influences colleagues at all levels
• Effective, inspiring and engaging presenter
• Able to assimilate large amounts of information extracting key information for high level reports
• Good organisational skills 
• Able to adapt and cope well under pressure

Due to the nature of the work undertaken, confirmation of employment will be subject to a variety of checks which will be carried out once an offer of employment is accepted.  These checks will include employment references covering the last 5 years, proof of ID, proof of address covering the last 5 years, Personnel Vetting credit search (which will only highlight insolvency or County Court Judgments - should any adverse data show on the Personnel Vetting search then any offer of employment made will be withdrawn).Terrorism Check (against data supplied by the Bank of England) and a DBS check previously known as a Criminal Records check. 

Shoosmiths is a committed Equal Opportunities employer promoting equality of opportunity. This means that everyone who either applies to or works for the firm is treated equally, whatever their gender, age, ethnic origin, nationality, marital status, disability, sexual orientation or religious beliefs.