Lead Data Privacy Specialist

• Make it easier for people to find what they are looking for on GOV.UK
• Build common service platforms to make it simpler and cheaper to build quality digital services
• Promote agile, user-centred design practices both in the UK and across the world

What you'll do

We are seeking a Lead Data Privacy Specialist to join the GDS team, working with GOV.UK and closely aligned to the ethos, mission and principles of the GDS Privacy Team led by the Head of Privacy and Data Protection. You will be the lead specialist responsible for privacy and data protection in GOV.UK.   

You will provide consistent and reliable specialist data protection leadership for GOV.UK as part of the critical national infrastructure by:

• designing, building and testing data privacy controls to safeguard against data protection risks, 
• developing relationships to build trust and confidence in privacy safeguards by reassuring and negotiating privacy expectations of Senior Civil Servants, Ministers, internal and external stakeholders and influencing decisions, 
• working collaboratively to meet data protection and privacy standards in liaison with cybersecurity, information assurance and management teams, 
• developing robust data governance to protect GOV.UK against reputational damage and users against privacy harm. 

The Lead Data Privacy Specialist for GOV.UK will work alongside the GOV.UK team working closely with the GDS Information Assurance, Management and Data Security teams to cultivate a ‘privacy-positive’ culture in GOV.UK

Although your primary focus will be working on the GOV.UK programmes, the role is part of the GDS Data Protection and Privacy Service and will have the opportunity to work with the team to provide privacy expertise to other GDS services and developments. 

Main responsibilities

• providing high-quality, pragmatic expertise and leadership to GOV.UK on data protection and privacy aspects of online government services to ensure Privacy by Design is embedded in GOV.UK design principles, providing expert and specialist advice and guidance on privacy and data protection laws including the UK General Data Protection Regulation, Data Protection Act 2018, PECR, NIS Directive and E-privacy Regulation to a diverse range of professionals in GDS, senior civil servants and Ministers as required
• identification, assessment and management of privacy and data protection risks that relate to GOV.UK and strategic GDS programmes and services that are directly related to GOV.UK
• timely escalation of GOV.UK privacy and data protection risks with reasonable and practicable recommendations to relevant risk owners, such as Directors in GDS, GOV.UK, Permanent Secretaries and Ministers as required 
• influencing strategic Senior Civil Servants and operational management decisions by highlighting privacy and data protection risk of harm on users, reputational risk on GOV.UK, GDS and His Majesty’s Government while providing a balanced view that facilitates lawful, fair and effective data use 
• carry out data protection impact assessments and Article 30 Processing Records for GOV.UK as required and support and guide teams to ensure that privacy by design is core to the delivery and operation of those services, reporting progress against milestones, risks and issues to GOV.UK Senior Management Team and senior leaders across GDS where required and relevant
• working closely and engaging effectively with Government and other legal advisors, including the Cabinet Office DPO
• representing privacy interests within GOV.UK and working with the Privacy and Consumer Advisory Group (PCAG), external stakeholders including the Information Commissioner’s Office and other relevant agencies
• facilitating the fulfilment of various data subject rights within the remit of GOV.UK

Who you'll be

This role requires: 

• Expert data protection and privacy practitioner with working knowledge of the UK data protection legislation, regulations, industry standards, best practices, and experience of delivering at scale digital transformation projects in an agile and complex technology-driven environment
• A relevant privacy qualification such as IAPP (CIPP/E, CIPM) or BCS (ISEB) or equivalent
• A solid understanding of new and emerging technologies and the opportunities they provide to improve the delivery of public services in the UK
• Awareness of communication channels to connect and stay up to date on new developments in relevant industry, proposals and changes to requirements, regulations and legislation in order to analyse and assess their potential impact on GOV.UK strategy and its delivery
• Confident leadership and influencing skills while providing advisory and delivery support with the ability to motivate people at all levels, influencing decisions on risk management for Directors in GDS and GOV.UK as well as Permanent Secretaries and Ministers 
• Strong analytical and problem-solving skills with the ability to manage multiple priorities across a range of stakeholders, senior civil servants, suppliers and users
• Good attention to detail, ability to see the bigger picture in the context of the latest organisational strategy, awareness and active support of diversity and inclusion issues to be able to provide balanced privacy and data protection advice and recommendations to senior leadership, including Directors, Perm Secs and Ministers as required
• Experience of risk management and the ability to balance risks against technical and business requirements

Additional Information

The selection process as a standard for all of our GDS roles consists of:

• An application screening process - Simply, hit apply. We only ask for a Cover letter (up to 750 words and a CV. Important tip - please ensure that your cover letter includes how you meet the skills and experience listed in the “who you’ll be” section above.
• An interview - We will asses you against the behaviours listed and your experience 

GDS offers hybrid working for all employees. This means that everyone does some working from home/remote working and also spends some time in their local office. You will agree to your hybrid working arrangement with your line manager in line with your preferences and business needs. 

If we receive a high number of applications, we may decide to include an additional round (this would typically be a short telephone interview or assessment/exercise depending on the type of role).

A reserve list will be held for a period of 12 months, from which further appointments can be made.

Candidates that do not pass the interview, however, have demonstrated an acceptable standard will be considered for similar roles at a lower grade. 

Security level for the role; This role requires BPSS security clearance. If further clearance is required in the future, you will be expected to complete this. Further details are outlined in Security vetting for employees.

The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. For further information see https://www.gov.uk/guidance/prison-leavers-project-improving-outcomes-for-prison-leavers

How you'll be assessed

In the Civil Service, we use our Success Profiles. For each role we advertise we consider what you will need to demonstrate to be successful. This gives us the best possible chance of finding the right person for the job, drives up performance and improves diversity and inclusivity. We will be looking at your experience, career history and achievements that are relevant to the specific job role. We may assess your ability, strength, experience, technical/specialist skills and behaviours.

For this role the following behaviours are the most relevant:

• managing a quality service

• working together

• leadership

• communicating and influencing

• making effective decisions

• seeing the big picture