The Data Privacy Officer is responsible for overseeing and implementing Data Protection Programme, ensuring the Project meets its obligations under applicable data protection laws (including the General Data Protection Regulation, the Data Protection Act 2018, and S.I. No. 336/2011 – ePrivacy Regulations). The role reports to a designated member of the Senior Management Team.
Key Responsibilities
- Develop and implement key processes to embed the Data Protection Programme
- Create and deliver training and awareness initiatives to support programme rollout
- Advise on Data Protection Impact Assessments (DPIAs) and Privacy Impact Assessments (PIAs), identifying risks and recommending mitigation actions across processes, projects, and systems handling personal data
- Ensure third-party contracts comply with data protection laws, and establish processes to monitor and manage third-party compliance with programme requirements
- Maintain and manage the Data Protection Risk Register, working with stakeholders to address and track risk mitigation actions
- Oversee the personal data incident and breach management process
- Maintain Records of Processing Activities (ROPAs) for the entity
- Conduct Transfer Impact Assessments and Transfer Risk Assessments
- Implement subject rights procedures and manage related requests
- Carry out risk-based monitoring of controls to ensure ongoing effectiveness
- Collaborate closely with the other entities’ Data Protection Officers to ensure alignment with group policies
- Represent the entity in cross-functional groups and committees, including the Data Protection Committee
Key requirements:
- Over 7 years’ experience in data protection, compliance, or risk management, with strong practical knowledge of related processes
- Degree or professional qualification in law, business, technology, or a related discipline
- Proven experience designing and implementing controls, processes, and procedures
- Experience identifying and managing risks
- Strong working knowledge of GDPR and the Data Protection Act 2018
- Experience with privacy management tools (e.g. OneTrust) is an advantage
- Experience reviewing data protection agreements is desirable
- Strong report writing and process design skills
- Excellent stakeholder management and influencing abilities at all levels
- High attention to detail and strong analytical capability
- Effective problem-solving skills
- Strong presentation and communication skills
- Ability to quickly understand and synthesise new information
- Ability to identify improvement opportunities aligned with project objectives
Certifications & Memberships:
- CIPP/E required
- CIPM and/or CIPT are advantageous
- Membership of a relevant professional body (e.g. IAPP) is preferred
