Data Protection Specialist (Outside IR35)
Posted 7 days ago by Venesky Brown
£600 Per day
Outside
Hybrid
Edinburgh, Scotland, United Kingdom
Summary: The Data Protection Specialist role at a public sector organization in Edinburgh involves reviewing third-party contracts for compliance with data protection regulations and developing internal processes for data mapping. This contract position is set to last until March 31, 2026, and offers a hybrid working arrangement. The role requires a recognized data protection qualification and significant experience in the field.
Key Responsibilities:
- Undertake a review of third party contracts to identify all contracts containing data processing agreements and create an internal contract register.
- Review all third party contracts where suppliers process personal data to ensure all required UK GDPR Articles 28 and 5(2) and DPA, 2018 sections 59 and 34(3) contractual terms are in place and contracts have completed data processing agreements.
- Review procurement policies, procedures and guidance to ensure they include formalised data protection pre-assessment and post-assessment processes for data processors.
- Undertake a data mapping exercise to develop a proof of concept/blueprint to complete data mapping for all processing.
- Any other data protection work as required.
Key Skills:
- Recognised data protection qualification(s), and demonstrable experience in relevant discipline.
- Ability to work on own initiative, to be able to organise and prioritise workload to meet strict deadlines.
- Significant experience of appropriate risk assessment methodologies.
- Excellent communication, interpersonal and negotiating skills.
Salary (Rate): £600/day
City: Edinburgh
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: Other
Venesky-Brown’s client, a public sector organisation in Edinburgh, is currently looking to recruit a Data Protection Specialist for a contract until 31 March 2026 on a rate of £450-£600/day (Outside IR35). This role will be hybrid working with occasional onsite requirements.
Responsibilities:
- Undertake a review of third party contracts to identify all contracts containing data processing agreements and create an internal contract registers.
- Review all third party contracts where suppliers process personal data to ensure all required UK GDPR Articles 28 and 5(2) and DPA,2018 sections 59 and 34(3) contractual terms are in place and contracts have completed data processing agreement.
- Review procurement policies, procedures and guidance to ensure they include formalised data protection pre-assessment and post-assessment process in place for data processors.
- Undertake a data mapping exercise to develop a proof of concept/blueprint to complete data mapping for all processing.
- Any other data protection work as required.
Essential Skills:
- Recognised data protection qualification(s), and demonstrable experience in relevant discipline
- Ability to work on own initiative, to be able to organise prioritise workload to meet strict deadlines.
- Significant experience of appropriate risk assessment methodologies.
- Excellent communication, interpersonal and negotiating skills
Desirable Skills:
- Previous experience of undertaking reviews to ensure compliance with controller/processor requirements.
Standard Disclosure/BPSS security clearance required. If you would like to hear more about this opportunity please get in touch.