Saltar al contenido principal

Privacy Manager

3 people looking at a screen

The UK Privacy Office, part of the Global Data Privacy and Protection team, is responsible for overseeing the UK Privacy Program which aims to:

  • Help Equifax Ltd and its UK subsidiaries comply with the requirements of applicable privacy and data protection and laws;

  • Enhance the privacy maturity of the UK Business;

  • Support the development of a privacy framework for new business areas, e.g. through M&A.

  • Support revenue growth through development and delivery of privacy capabilities, including design and implementation of privacy controls and processes aligned to NIST Privacy Framework;

  • Design, development, operation, or support of privacy products and services;

  • Support the design and development of data related products and solutions with privacy in mind.

The International Workforce Solutions (IWS) is establishing a presence in the UK. Our Debt Services Business (TDX) unit is expanding rapidly and embarking on a privacy transformation programme. A new requirement has therefore arisen to support these two UK business areas and the development of their respective suite of products and services.

This exciting opportunity has a broad remit and can be based in our London, Nottingham or Leeds offices.

What You'll Do

Product Development Support

  • Work in collaboration with Product and Data & Analytics colleagues to design and develop IWS and TDX data products and services with privacy in mind.

  • Work in collaboration with Technology colleagues to engineer technology solutions with privacy considerations built in from the outset.

  • Evaluate and recommend suitable privacy preserving techniques including Privacy Enhancing Technologies (PETs) to the processing of IWS and TDX personal data.

Privacy Framework Development and Operation

  • Lead the development of a privacy framework for IWS and TDX business units.

  • Support the DPO in overseeing EFX UK’s Privacy and Data Protection strategy (including the UK Privacy Program) and its implementation, in particular focusing on the IWS and TDX businesses.

  • Support the development, implementation and maintenance of EFX UK’s suite of privacy and data protection policies, standards, standard operating procedures (SoPs) and lead on those relating to IWS and TDX business areas.

  • Conduct or facilitate privacy related assessments for IWS and TDX initiatives,, including Privacy Impact Assessments (PIAs), Transfer Risk Assessments (TRAs) and Legitimate Interest Assessments (LIAs).

  • Support the resolution of privacy related incidents and personal data breaches, including notifications to the ICO and/or data subjects where necessary.

  • Support the DPO in cooperating with the Information Commissioner’s Office (ICO), and serve as contact point for the ICO on all matters and queries relating to the processing of IWS and TDX personal data. 

Privacy Assurance

  • Monitor IWS and TDX compliance with EFX privacy policies and applicable privacy and data protection laws, including: conducting assurance reviews; perform controls testing; provide oversight of the operational effectiveness of the IWS and TDX data subject rights related processes (e.g. DSAR, Erasure Requests).

  • Work in collaboration with second and third line of defense functions to ensure adequate levels of oversight are in place for IWS and TDX data processing activities. 

  • Develop compliance related metrics and report on IWS’ and TDX’s compliance levels and privacy risk postures to appropriate Management Committees and Forums.

  • Explore and develop approaches to automate the testing of privacy related controls.

Risk Management

  • Support the Risk Office in developing and maintaining a Risk Management Framework for the IWS Business.

  • Engage proactively with IWS Risk Owners and Risk Managers to ensure they have processes in place to identify, measure, monitor, mitigate and report on risks and associated mitigation strategies within their area of responsibility consistent with the policy and risk appetite.

  • Assist the Risk Office in developing and maintaining a business risk register for the IWS business, tracking and reporting of business risks to UK IWS leadership.

  • Develop and maintain a privacy risk register, on behalf of the Privacy Office, for EFX Ltd and its subsidiaries.

What Experience You'll Need

Product Development Support

  • Experience in supporting the design and development of data related products and services, in particular relating to processing of employment, income, payroll, debt, insolvency data, AI Driven Analytics, in accordance with privacy by design principles, ensuring privacy requirements are identified and built in from the outset.

  • Experience in or exposure to Cloud-based environments from a privacy and data protection perspective, including: developing data products on clouds; supporting migration of products and solutions from on-premise environments to the cloud; use of cloud based privacy and data protection technologies (e.g. data scanning and discovery). 

  • Experience in the use or deployment of Privacy Preserving Techniques or Privacy Enhancing Technologies (PETs) to help preserve individuals’ privacy during the processing of personal data.

  • Familiarity with reposed (we hold the data) and non-resposed (e.g. we request data from data providers) models of data processing, and both data controller and data processor obligations.

Privacy Operations 

  • Experience in developing and building privacy capabilities and operationalising privacy and privacy related regulatory requirements.

  • Operational privacy experience, including: privacy processes development and/or improvement; policy suite development and maintenance; incident management; privacy related assessment (such as DPIAs / PIAs, Transfer Risk Assessments (TRAs) and Legitimate Interests Assessments (LIAs)); regulatory engagement (ICO or FCA).

Privacy Assurance and Risk Management

  • Experience of conducting privacy audits, recommending appropriate mitigations, and tracking them through completion.

  • Experience of developing controls testing methodologies.

  • Experience in application of Risk Management principles, e.g. ISO 31000, including developing and maintaining risk registers.

What Could Set You Apart

  • Experience of working in privacy functions operating in product-led or complex environments processing large volumes of personal data.

  • Experience of helping start-up or similar environments build and scale their privacy capabilities.

  • CIPP(E), CIPM,  CIPT or CDPSE certifications

  • Experience in Cloud technologies, e.g. Google Cloud, Amazon Web Services (AWS), or Salesforce.

  • Experience in AI-Driven Analytics.

  • Experience in Information Security, technical CyberSecurity or Data Science disciplines.

  • Experience in and working knowledge of Risk Management Frameworks.

  • Experience of working with UK Government departments.

  • Experience in and working knowledge of NIST Privacy and CybersecurityFrameworks.

  • Excellent written and oral communication skills including ability to present complex technical or regulatory matters in an accessible way.

  • Strong collaborator and adept at building and deepening relationships with stakeholders from colleagues and clients to consumers and regulators.

We offer a wide range of company supported benefits including contributory pension, life cover, income protection, Bupa healthcare, enhanced maternity and sick pay, 26 days holiday and a day off for your birthday, with the ability to buy and sell and free credit checks. We also offer flexible benefits ranging from cycle to work, discounted travel options, gym membership, dining and leisure discounts, financial & savings plans, mobile discounts plus much more!

We also support personal development and have a range of learning options including our global online learning platform and allow you to bring your whole self to work supported by our Inclusion and Diversity, Wellbeing and Employee Engagement forums. 

If this sounds like somewhere you want to work, don’t delay, apply today - we’re looking for you!

All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

El trabajo en Equifax

Creemos en una mentalidad de crecimiento. En Equifax, esto incluye brindar a nuestros empleados oportunidades para desempeñarse al máximo y aprender nuevas habilidades a lo largo del camino para inspirar y desarrollar carreras profesionales satisfactorias

Laptopv2

Únase a nuestra comunidad de talentos

Obtenga información sobre las próximas oportunidades y eventos profesionales en Equifax

Inscribirse