Senior Data Privacy Analyst

---

Job description

Our Journey:

At Shell Energy, we believe that home energy matters. It's more than what boils the kettle or keeps the radiators warm. It empowers us to make better decisions now about our world tomorrow.

It's the reason why we supply 100% renewable electricity, carbon neutral home energy, smart home technology, discounts on broadband, and exclusive rewards. Going above and beyond for our customers is what we're all about.

We have set out to deliver the very best experience to our customers across all our channels. But bigger challenges lie ahead. We need to keep moving forward. Why don't you help us get there?

Job Description

Your part in our journey:

Shell Energy is going through continual improvement across the business and with its technical infrastructure. As we grow our business and develop new and exciting products for our customers, your role will be pivotal to ensure that we maintain compliance with all aspects of GDPR, PECR and the Data Privacy Act 2018 through the delivery of timely advice, guidance and assurance

Your part in the team:

You'll have the opportunity to be involved in projects for a range of systems and products across the Shell Energy portfolio.

As a Senior Data Privacy Analyst you'll be able to influence the decisions made regarding data privacy and work with stakeholders from all areas of the business. Working closely with other members of the Information Security team you'll have the opportunity to grow and develop your existing knowledge of data protection and information security.

Reporting to the Data Privacy Manager you will work to support the business to ensure ongoing compliance with relevant data privacy legislation across the Shell Energy business

Working with Information Security, Infrastructure and Architecture to help ensure strong controls over security of personal data.

Working with operations to ensure strong first line of defence controls over processing of personal data.

Working with Client Project teams and technical Delivery to ensure that data privacy controls are built into platform delivery and change processes.

Working with Legal, Procurement and Supplier Management to ensure compliance with regulatory requirements for third party contracts

Delivery of Data Privacy Impact Assessments across the business

Providing data privacy compliance input into new business initiatives/ propositions, new supplier due diligence and Data Privacy Risk Assessments

Providing support to the Senior Management by providing assurance on the systems and controls connected with the Company's data privacy obligations.

Providing consultancy and challenge to the business on data protection / data privacy.

Supporting the ongoing maintenance of data privacy related policies and procedures in line with applicable legislation, regulations and codes of practice.

Maintaining and liaising with business owners to ensure the updating of the mapping of personal data

Reviewing risk events, confirming DPA impacts/ breaches where applicable; advising, as required, on action to be taken; monitoring through to completion and identifying trends.

Supporting the investigation and resolution of Personal Data breaches, including production of an Incident Report and reporting to stakeholders as required

Responding to correspondence from the ICO and individuals regarding data privacy matters

Assisting in the development, maintenance and delivery of mandatory data privacy training modules for all staff.

Contributing to MI and reports, as required.

What you'll need to help you make the best of the role:

Demonstrable expert and specialised knowledge of GDPR, PECR and DPA legislative requirements

A proven track record of GDPR and DPA compliance delivery and support

Good communication, relationship management and influencing skills.

Ability to analyse, present and report regulatory information to stakeholders in a clear and concise manner.

Experience in risk management delivery and processes

The nice to haves:

A background in the utilities sector

Experience of working in a fast-paced commercial delivery environment

A background in information security or regulatory compliance

A Relevant professional or industry qualification (e.g. IAPP CIPP, EU GDPR P, PDP GDPR)

Job Capability

Please contact Sam Smith for more information.