Data Protection Officer

Location:Leeds (Hybrid)

Salary:£35 - £40K (DOE)

We have an exciting opportunity to join our GRC team as a Data Protection Officer at a time of rapid growth and innovation at Cognisys.

Cognisys is a leading cybersecurity company specialising in Penetration Testing, GRC Consulting, and Managed Security services. We pride ourselves on our customer service, forward-thinking approach, and commitment to excellence. Our small but mighty team works with some of the best-known companies in the world and covers over 30 countries worldwide!

About the Role

We seek a passionate, detail-oriented, and knowledgeable Data Protection Officer to join our team. In this pivotal position, you will ensure our clients establish robust governance frameworks, manage appropriate controls and maintain compliance with GDPR and other data legislations. You will also conduct thorough audits to evaluate and improve the effectiveness of control and governance processes.

Key Responsibilities

Compliance Management:

• 
  
• Monitor and ensure compliance with data protection laws, including GDPR, CCPA, and other applicable regulations.
  
• Advise on data protection impact assessments (DPIAs) and monitor compliance with internal data protection policies and practices.
  
• Develop and maintain the organisation’s data protection policies, procedures, and practices to ensure compliance with legal requirements.
  
• Ensure the organisation’s data protection practices are aligned with industry standards.
  

Risk Management:

• 
  
• Identify and evaluate data protection risks within the organisation.
  
• Develop and implement strategies to mitigate data protection risks.
  
• Conduct regular audits to ensure adherence to data protection laws and internal policies.
  

Training and Awareness:

• 
  
• Develop and conduct training sessions for employees on data protection and privacy laws.
  
• Promote a culture of data protection awareness throughout the organisation.
  
• Provide expert advice and guidance to staff regarding data protection obligations.
  

Data Subject Rights:

• 
  
• Oversee the management of data subject access requests (DSARs) and ensure timely responses to requests related to personal data.
  
• Advise the organisation on data subject rights, including the right to access, rectify, delete, or port personal data.
  

Incident Management:

• 
  
• Respond to data breaches, ensuring timely reporting of incidents to regulatory authorities and affected individuals in accordance with the law.
  
• Investigate any data breaches or incidents and ensure corrective actions are taken to prevent future occurrences.
  
• Maintain breach records and contribute to breach response strategies.
  

External Liaison:

• 
  
• Serve as the contact point for regulatory authorities and cooperate with them regarding data protection matters.
  
• Respond to data protection inquiries from external parties, including regulators and third-party vendors.
  

Documentation and Reporting:

• 
  
• Maintain records of processing activities, risk assessments, and compliance efforts.
  
• Prepare and submit reports on data protection activities to senior management and regulatory authorities as required.
  

Continuous Improvement:

• 
  
• Stay updated on evolving data protection regulations, industry trends, and emerging technologies.
  
• Recommend improvements to data protection practices and ensure the organisation is prepared for regulatory changes.
  

Requirements

• 
  
  
• Minimum of 3-5 years of experience in data protection, privacy, or compliance roles.
  
  
• Experience with the General Data Protection Regulation (GDPR) and other privacy laws (e.g., CCPA, HIPAA) is essential.
  
  
• Previous experience working as a Data Protection Officer or in a similar capacity is highly desirable.
  
  
• Familiarity with risk management and audit processes.
  
  
• A strong desire to grow, develop and support junior members of the team.
  
  
• Excellent written and oral communication skills for liaising with external stakeholders, conveying complex compliance information.
  
  
• Ability to analyse data, identify key issues, and develop practical solutions.
  
  
• Plan, prioritise, and manage time efficiently.
  
  
• Due to the nature of this role, having an eye for detail is crucial.
  

If you think you can deliver but don't match the criteria above, please don't be put off. We are very open-minded and focus on ability and attitude above skills.

What We Offer

• 
  
• A dynamic and supportive work environment where customer care and innovation drive everything we do.
  
• A dedicated budget for your professional development.
  
• EMI Employee Share Schemes provide the opportunity to share in the company's success.
  
• Access to an Employee Wellness Hub supported by Kara Connect for health and well-being resources.
  
• Frequent team social events and celebrations.
  
• 22 days holiday rising to 25, plus a birthday holiday.
  
• Refer a friend bonus scheme, up to £2,000!
  

Why Join Us?

At Cognisys, you will be part of a collaborative and innovative team that values your input and shares support. You'll have the opportunity to work on challenging projects that make a real impact on our clients. We'd love to hear from you if you want to challenge, lead and innovate!

We're not just about the work; we're about the people. Join a team where innovation is celebrated and your contributions are valued. We foster a collaborative environment where fresh ideas thrive and professional growth is encouraged.

Applications

Please feel free to reach out to Dom, our Head of Talent Acquisition, if you would like any further information, to discuss accessibility requirements, or if you require this information provided in an alternative format –

We welcome applications from candidates from diverse backgrounds and can make various reasonable adjustments to accommodate individual needs.

NO RECRUITMENT AGENCIES, PLEASE