Data Protection Officer

Data Protection Officer

United Kingdom

(Hybrid)

Be the First to Apply

Job Description

Wood is recruiting a engaging, supportive leader who can continue to mature the Privacy programme at Wood by delivering improvements identified within the Privacy roadmap. Maintain the Privacy team’s reputation as a key collaborator and advisor to Wood’s HR, IT, Supply Chain and HSE teams, whilst continuing to develop direct engagement into the business units and with the wider group functions through active stakeholder engagement. 
You will lead the strategy and delivery of the Wood Data Privacy Programme (DPP), for Personal Indentifiable Information (PII), in order to ensure risk-based compliance with data privacy laws in all countries in which Wood operates. Act as a focal point for all data privacy activity within Wood and ensure the DPP is underpinned by a fit for purpose, risk-based and proportionate management system including processes, systems, tools and governance documents which will drive effective privacy compliance across the business.
You will provide guidance as the DPO across functions and business units globally and provide privacy compliance guidance (for PII) and direction in relation to all Wood data management activities.
This position forms a critical part of the Group Ethics and Compliance team, providing technical expertise and leadership in key areas for the whole function.

Responsibilities

Lead and implement a risk-based Data Privacy Programme (DPP) for PII
Manage and coach a small team of direct reports (3 people including this position) and ensure resourcing levels are regularly assessed
Develop and maintain a networks of partners and indirect reports for personal data issues across the business. Foster key relationships with other Group functions (e.g. Legal. P&O, IT, Data Governance, HSSES, Finance & Administration, S&D as required) and the Wood business to ensure the effective progression of the DPP strategy and build a company culture that values and applies data protection principles
Develop an interactive working practice with the Data Governance Programme which efficiently supports and complements the DPP
Effective management of external support where necessary
Develop and progress the use of the OneTrust tool to provide an accurate source of information and reports on data protection compliance including approving assessments and collaborating with team and business members to ensure their accurate and timely completion
Develop and monitor Programme Maturity including (i) maintaining the risk and assurance plans and overseeing the maintenance of records required to demonstrate data protection compliance
Develop and deliver a DPP training and communications programme to further the data privacy culture within Wood
Lead and advise on data privacy and protection matters in relation to the implementation of new laws, contracts and projects
Act as SME for individual rights’ requests, assure rights’ requests processes and liaise with Data Protection Authorities and complainants where required
Lead a personal data incident response and breach procedure
Provide strategic data privacy compliance reporting into the CECO and leadership

Qualifications

Qualifications: 

Degree qualified (preferably in law) with extensive experience in data protection, legal, compliance IT security or data management
Data Protection practitioner qualification such as CIPP would be advantageous

Skills, knowledge and experience: 

Knowledge of data protection laws, specifically the UK / EU General Data Protection Regulation. Knowledge / understanding of additional global privacy laws, data laws and cyber security laws and standards would be beneficial
Experience managing differing global privacy perspectives and levels of maturity and knowledge across an organisation
Ability to support, lead and manage multiple projects and workstreams, making fast paced and largely autonomous decisions
Experience designing and delivering privacy training and communications
Knowledge of information and cyber security risks and information security standards
Demonstrated ability to deliver a regulatory compliance or legal programme
Experience designing and delivering training and engagement programmes
Comfortable interacting externally with government and other public officials, serving as contact point for data protection authorities on behalf of Wood

Personal attributes: 

Strong interpersonal skills, able to communication and collaborate with various personalities and levels throughout the organisation
Commercial mindset with the ability to gain a quick understanding of the business and provide practical, risk-based guidance to the business
Collaborative in approach and working with others to deliver our Company objectives
Champion and drive innovation and change initiatives, focused on improving quality and effectiveness
Systems thinker with the ability to adopt a risk based approach to delivery
Consistently model and lead on the Group’s core values
Capable of managing delivery under tight or demanding timelines
Anticipate the environment, be forward thinking and able to see the ‘big picture’

About Us

Wood is a global leader in consulting and engineering, helping to unlock solutions to critical challenges in energy and materials markets. We provide consulting, projects and operations solutions in 60 countries, employing around 35,000 people. www.woodplc.com

Diversity Statement 

We are an equal opportunity employer that recognises the value of a diverse workforce. All suitably qualified applicants will receive consideration for employment on the basis of objective criteria and without regard to the following (which is a non-exhaustive list): race, colour, age, religion, gender, national origin, disability, sexual orientation, gender identity, protected veteran status, or other characteristics in accordance with the relevant governing laws.