Privacy Qualified Senior

Ideas | People | Trust

We’re BDO. An accountancy and business advisory firm, providing the advice and solutions businesses need to navigate today’s changing world.

BDO LLP is an accountancy and business advisory firm, we provide integrated advice and solutions to help businesses navigate a changing world. Our clients are Britain’s economic engine – ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy.

We share our clients’ ambitions and their entrepreneurial mind-set. We have the right combination of global reach, integrity and expertise to help them succeed.

BDO LLP operates in 17 locations across the UK, employing 5,000 people offering tax, audit and assurance, and a range of advisory services. BDO LLP has revenues of £590m and is the UK member firm of the BDO International network. The BDO global network provides business advisory services in 162 countries, with 80,000 people working out of 1,500 offices worldwide. It has revenues of $9bn.

Overview

Within Digital Risk Advisory Services, we have a client facing team that delivers advisory services in the area of Privacy & Data Protection. The team is looking to grow and there is an excellent opportunity for development within the Privacy and Data Protection client services offering. As a Privacy & Data Protection Senior within this team, you will take responsibility for running privacy advisory projects, privacy ongoing compliance engagements, and supervising the work of more junior staff, working directly with our clients under manager supervision. You will be involved in a range of one off projects and recurring engagements, and will gain broad experience of delivering assignments across a wide ranging sector client base. The complexity and size of the privacy and data protection assignments will vary significantly and your work assigned will generally be well defined.

Responsibilities

• Have an excellent knowledge of the UK Data Protection Act 2018 and the EU General Data Protection Regulation (EU GDPR) to be able to conduct client reviews and engagements from planning to final reporting, using experience and judgement to apply BDO’s privacy and data protection methodologies, seeking guidance from managers/directors as required.
• Have a knowledge of the surrounding regulatory environment in respect of privacy & data protection in order to advise clients and offer pro-active and timely advice. Knowledge of other jurisdictional data protection landscapes outside of the UK and European Union would be preferable but not absolutely necessary for this role.
• Review and drafting of organisational policies and procedures in respect of privacy and data protection requirements.
• Undertake data protection health checks to identify gaps and suggest recommendations for remediation.
• Assisting and working with clients in respect of rolling out data protection compliance implementation plans – potentially from start to finish.
• Assisting and working with clients in respect of addressing data privacy accountability risk by implementing data protection compliance frameworks.
• Being able to work on ad-hoc privacy and data protection consultancy engagements covering privacy risk assessments, international data transfers, data protection contractual advice, subject access requests, data breach reporting and providing training & awareness sessions. 
• Across the privacy and data protection menu of services, be able to execute these to accurately interpret results, whilst ensuring the work is competently and efficiently performed in accordance with professional standards.
• Understand the privacy and data protection risks in existence and be able to apply this effectively to our privacy and data protection client base.
• Prioritise work so resources are devoted to areas of highest risk in line with the agreed client engagements.
• Consistently document relevant facts and information which support the work performed and conclusions drawn, so other reviewers can follow the logic in line with the BDO privacy and data protection methodology and quality assurance requirements.
• Effectively evaluate engagement results, weighing the relevancy, accuracy, and perspective of conclusions against the accumulated evidence. Be effective in communicating results, both verbally and in writing (will be reviewed by senior members) so they are persuasive, placed in the appropriate context, and understood by the recipient.
• Communicate in a proactive and professional manner with clients.
• Be proactive in making business decisions, for example, providing solutions for any client challenges.
• Demonstrate effective time management skills by completing assignments within time budgets and calendar schedules while handling multiple tasks.
• Exhibit creativity and innovation in recommending improvements to privacy and data protection practices and processes.
• Engage in professional development activities.
• Supervise, coach, support and develop junior members of the privacy & data protection team and always share expertise within the team.
• Contribute to, and participate in the growth and development of our team i.e. marketing, networking and business development activities.
• Be a team player – collaborating with colleagues to assist with continuous improvement in everything we do.

Requirements

• Relevant professional experience in privacy and data protection (3 years plus required) along with an associated passion in this area
• Data protection qualifications mandatory (preferably CIPP/E & CIPP/M)
• Proficient in MS Office
• Full driving licence and personal car, preferable (flexibility to travel on a regular basis locally with potential for wider travel including international assignments is also key)

Our Agency Policy

BDO has a commitment to building relationships directly with candidates (and agencies) in our local markets and as such, we do not accept speculative CVs from agencies. We work closely with our preferred suppliers to support us in sourcing quality candidates but we only pay agency fees where we have a signed agreement in place and an agency has been instructed by a member of the BDO Resourcing team. We do not pay agency fees where speculative and unsolicited CVs are submitted to BDO by any means other than through our recruitment portal. For any CVs which are submitted without instruction from the BDO Resourcing team, BDO reserves the right to contact and work directly with these candidates without payment of any agency fee.