Saltar al contenido principal

Senior Privacy Analyst

Security

The UK Privacy Office, part of the Global Data Privacy and Protection team, is responsible for overseeing the UK Privacy Program which aims to:

  • Help Equifax Ltd and its UK subsidiaries comply with the requirements of applicable privacy and data protection and laws;

  • Enhance the privacy maturity of the UK Business;

  • Support revenue growth through development and delivery of privacy capabilities, including design and implementation of privacy controls and processes aligned to NIST Privacy Framework;

  • Design, development, operation, or support of privacy products and services

The UK Privacy Office has two key capabilities: Privacy Operations and Privacy Assurance.

  • Privacy Operations i) manages our privacy program based on controls, technical requirements, and processes aligned to the NIST Privacy Framework; ii) acts as trusted advisor and advises on privacy requirements and ensures privacy is built into everything we do; iii) provides a suite of privacy services which include governance and policy management, PIA, data classification, and privacy incident management; iv) manages privacy regulator relationship(s) (e.g., ICO).

  • Privacy Assurance i) as a second line of defence function, provides oversight and monitoring of our compliance levels against privacy requirements; including testing of controls and technical requirements; ii) provides privacy risk management; iii) raises privacy awareness.

This role will report to the Senior Privacy Manager and there will be fantastic opportunities to progress, grow and develop in this role. This exciting opportunity has a broad remit and can be based in our London, Nottingham or Leeds offices.

What You'll Do

Privacy Operations

  • Support the DPO, and the Privacy Office’s activities in overseeing EFX UK’s Privacy and Data Protection strategy (including the UK Privacy Program) and its implementation

  • Inform and advise the UK Business and its employees of their obligations pursuant to EFX UK’s privacy policies and applicable privacy and data protection laws.

  • Support the development, implementation and maintenance of EFX UK’s suite of privacy and data protection policies, standards, standard operating procedures (SoPs).

  • Work in collaboration with different business areas such as Products, to conduct or facilitate privacy related assessments, including Privacy Impact Assessments (PIAs), Transfer Risk Assessments (TRAs) and Legitimate Interest Assessments (LIAs).

  • Advise the Data Governance team in the development and maintenance of Equifax's Data Inventory, Records of Processing Activities (RoPA), Data Retention Standards, and Data Minimisation approaches. 

  • Support Incident Management related activities, including: advise on internal and regulatory investigations involving personal data, and undertaking personal data breach notifications assessments.

  • Advise on responses to data subjects enquiries and support the resolution of data subject complaints. 

  • Support client audit activities, including completion of client audit questionnaires, and attending audits.

  • Support third party onboarding process, including undertaking privacy risk assessment of prospective third parties. 

  • Raise privacy and data protection awareness and train employees on relevant privacy and data protection topics.

  • Support the development of a variety of reports and executive dashboards for various Management Committees and Forums, including gathering relevant and timely information and metrics from multiple sources and stakeholders, and presenting them in visually accessible formats (e.g. graphs and charts).

Privacy Assurance

  • Support the Privacy Assurance Manager in performing privacy assurance reviews, control testing and providing oversight of the operational effectiveness of privacy related processes (e.g. DSAR, Erasure Requests).

  • Support the third party assurance process in identifying privacy risks and communicating these findings to the third party, including managing any remediation requirements.

What Experience You'll Need

  • Operational privacy experience, including: privacy processes development and/or improvement; policy suite development and maintenance; incident management; privacy related assessment (such as DPIAs / PIAs, Transfer Risk Assessments (TRAs) and Legitimate Interests Assessments (LIAs)); regulatory engagement (ICO or FCA).

  • Good working knowledge and application of the requirements of the applicable privacy laws and regulations, e.g. UK DPA2018, the UK GDPR and GDPR.

  • Exposure to conducting privacy assurance reviews, controls testing, recommending appropriate mitigations, and tracking them through completion.

  • Experience in or exposure to working on regulatory matters involving the ICO and/or the FCA.

  • Experience and/or knowledge in at least one of the following sectors: Retail, Banking, Financial Services, Debt Services, General Insurance, or Credit Reference Agencies.

  • Strong oral and written communication skills including ability to present complex technical or regulatory matters in an accessible way, to manage stakeholders expectations in delivery of desirable regulatory outcomes, and to provide challenge when necessary.

  • Strong collaborator and experience of working and building relationships with colleagues from Legal, Compliance, Risk, Information Security, Data and HR to achieve the desired privacy and data protection outcomes.

  • Competent problem solver. Adept at identifying issues and root causes,understanding the risks and impact, and using own initiative to then develop a set of solutions which are pragmatic and effective to address the problem.

What Could Set You Apart

  • Strong interest in developing oneself as a privacy expert. 

  • Passion for the field of privacy and data protection.

  • CIPP(E), CIPM,  CIPT or CDPSE certifications

  • Experience of working in mature privacy functions operating in complex environments.

  • Experience in providing privacy and data protection advice and guidance in an environment processing large volumes of personal data (e.g. covering the UK population).

  • Experience in and working knowledge of Information Security, technical CyberSecurity or Data Science disciplines.

  • Experience in and working knowledge of NIST Privacy and CybersecurityFrameworks.

We offer a wide range of company supported benefits including contributory pension, life cover, income protection, Bupa healthcare, enhanced maternity and sick pay, 26 days holiday and a day off for your birthday, with the ability to buy and sell and free credit checks. We also offer flexible benefits ranging from cycle to work, discounted travel options, gym membership, dining and leisure discounts, financial & savings plans, mobile discounts plus much more!

We also support personal development and have a range of learning options including our global online learning platform and allow you to bring your whole self to work supported by our Inclusion and Diversity, Wellbeing and Employee Engagement forums. 

If this sounds like somewhere you want to work, don’t delay, apply today - we’re looking for you!

All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

El trabajo en Equifax

Creemos en una mentalidad de crecimiento. En Equifax, esto incluye brindar a nuestros empleados oportunidades para desempeñarse al máximo y aprender nuevas habilidades a lo largo del camino para inspirar y desarrollar carreras profesionales satisfactorias

Laptopv2

Únase a nuestra comunidad de talentos

Obtenga información sobre las próximas oportunidades y eventos profesionales en Equifax

Inscribirse