Digital Identity Privacy and IA Specialist: Interim/Contractor
Location: Bristol and Manchester
IR35 Status: Inside IR35
Day Rate: £600 per day
If you have any enquiries please contact: gds-interim-recruitment@digital.cabinet-office.gov.uk
Who we are:
At the Government Digital Service (GDS), our mission is to build a simple, joined-up and personalised experience of government for everyone. Using our unique position at the centre of government, we develop services that work for the user, however complex the underlying systems may be. We believe that ensuring things work for end users is the only way to realise the efficiencies that come with digital transformation.
Our focus is on delivering five missions in the following areas:
GOV.UK as the single and trusted online destination for government information and services
Joined-up services that solve whole problems and span multiple departments
A simple digital identity solution that works for everyone
Common tools and expert services
Joined-up data across departments
You can read more about these missions and our vision for the transformation of government in our 2021-2024 strategy
Deliverables:
supporting Digital Identity on data protection, privacy, cyber and information assurance aspects of online government services to ensure Privacy by Design is embedded in Digital Identity design principles and to ensure ongoing security compliance
providing expert advice on all matters relating to privacy, data protection and information assurance to Digital Identity to develop alpha and beta products
designing and implement data privacy controls and a data assurance plan for Digital Identity alpha and beta for PECR, DPA 2018 and UK GDPR compliance
supporting the component set up for DI by risk assessing products and tools required for authentication, identity, fraud prevention for better data privacy and assurance across
registering and managing data privacy and assurance issues and risks that relate to Digital Identity
identifying relevant Government legal gateways for more effective and lawful utilisation of data across Departments to develop alpha and beta versions of Digital Identity
completion of Art 30 Data Processing Records from across the Digital Identity teams, undertaking review and issuing Privacy findings related to Data Protection Impact Assessments for alpha and beta products
supporting Digital Identity engagement activity involving key stakeholders to test stakeholder expectation to build their trust and improve user take up of the early prototypes
undertaking contractual review of products and tools required for DI alpha and beta implementation for privacy and data protection with procurement for compliance
reporting progress against milestones, risks and issues to Digital Identity SMT and senior leaders across GDS where required and relevant
working closely with the GDS Head of Privacy and Data Protection to support other GDS digital strategies and services where relevant
handling and management of incidents that have resulted in data breaches
designing and implementing data sharing arrangements, which may include DSAs and MOUs with other data controllers or processors
Skills:
Expertise in privacy and data protection, GDPR expertise, practical experience, not just theoretical.
At least 5 years experience
Expert in Public Electronic Communication Regulation( PECR), being able to do the work without supervision
Confident, degree educated, good communication skills
Have extensive experience leading complex security and privacy programmes across Government and/or global organisations have an extensive range of cyber, Privacy and information security expertise
Have extensive experience carrying out Privacy information risk assessments for digital services, ideally with a range of formal risk methodologies
Have a very strong understanding of the Data Protection Act and be experienced in ensuring DPA compliance for digital services
Have very strong communication skills, with the ability to communicate effectively with customers and stakeholders inside and outside government across different specialist functions
Be experienced in working closely with delivery teams to build strong and effective working relationships
Have a strong understanding and demonstrable track record in providing Privacy information security assurance of digital identity and other web-based services / cloud services
Be able to balance technical, physical personnel and procedural controls to address business and information risks in the most effective way
Have extensive experience of delivering reports to private and public sector customers and stakeholders on services and information risk
Have excellent problem solving and analytical skills
Will be familiar with UK and international, legal and regulatory requirements that could affect privacy organisation security and assurance policies and influence their development as needed
Government experience not essential, but preferable
