Data Privacy Analyst

Data Privacy Analyst (FTC – 12months) – Crawley (Hybrid) - £40,000 - £50,000 + Bonus + Benefits

Main Responsibilities:

• Take primary responsibility for the end-to-end management of data subject requests under UK data protection laws, such as access and erasure requests, and for information requests from external bodies such as law firms, law enforcement agencies, or government departments.
• Develop and enhance existing internal documentation and communications around the data subject request process, ensuring:

• Other departments clearly understand their roles, and
• The Data Security Compliance team handles requests in the most structured, efficient, and cost-effective manner, whilst complying with UK data protection legislation and meeting legal deadlines.

• Work closely with the team on the development and integration of tools involved in the data subject request process, including the OneTrust Privacy Rights Automation module and other internal platforms.
• Contribute to reviewing current assessment and accountability processes, working with stakeholders to create new ones where necessary. Assist with identifying improvements to reduce risk and ensure compliance. Key processes include:

Data Protection Impact Assessments (DPIAs),

• Legitimate Interest Assessments (LIAs),
• Legal Basis for Processing Checklists, and
• Records of Processing Activities (ROPA).

• Help optimise these assessment processes and contribute to the continuous improvement of the related documentation.
• Support the application of organisation-wide processes such as Data Protection by Design and Default, collaborating with business teams and the IT department as necessary.
• Assist in updating and communicating the organisation’s data security policy suite.
• Contribute to the design and delivery of data protection and security training, awareness initiatives, and eLearning programmes.
• Support the Data Protection Officer (DPO) in ensuring data security compliance is communicated effectively across the organisation by assisting in the production of internal communications, articles, and intranet content.
• Provide well-considered and clear advice on data protection and security-related queries, both internally and externally.
• Be open to taking on ad hoc tasks and challenges, finding practical solutions for implementation.
• Represent the team in meetings, projects, and initiatives as required.
• Attend industry events, conferences, and seminars to stay informed on evolving threats and legislative changes.

To be considered for this role, you should have:

• Strong understanding and practical experience of both current and forthcoming UK data protection legislation, such as the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR), alongside familiarity with the guidance provided by the Information Commissioner’s Office (ICO).
• Possession of one or more recognised data protection qualifications, such as UK GDPR Practitioner, CIPP/E, or CIPM.
• Substantial experience in handling data subject requests under the UK GDPR.
• Experience working in a team where advising and guiding both internal and external stakeholders on UK data protection matters is a key focus.
• Proven expertise in managing sensitive and confidential information with integrity.
• Exceptional organisational and planning skills, with the ability to balance competing priorities and meet strict deadlines.
• Ability to remain composed under pressure while maintaining discretion and confidentiality.
• Capable of working autonomously with minimal supervision, as well as collaboratively and flexibly within a team to achieve collective goals.
• Excellent written communication skills paired with the ability to articulate verbally in a clear and concise manner.
• A methodical approach with great attention to detail and accuracy.
• Self-driven, motivated, and focused, with a strong desire to contribute, use initiative, and provide added value.
• Proficient general IT skills, ideally with experience using Google Workspace and Adobe Acrobat Pro, or at the very least, a solid working knowledge of Microsoft Office/O365 applications.

Our client offers a great working environment with various progression plans to suite your career goals, in addition to a generous benefits package including a 10% bonus, family private healthcare, a generous pension scheme, 25 days of annual leave, share options, flexible working options, and more.

If this role is of interest, please apply or reach out to Jacob – 07893921057 /j.collen@lockemccloud.com

Locke & McCloud are the UK’s leading cyber security & information security staffing company – through having a sole focus on the cyber & information security space we have been able to foster solid relationships with some of the UK’s most exciting cyber security consultancies & end users. Our focus on the information security space allows us to be able to help you find the most exciting.