Data Protection Officer

4 days left

Iceberg Cyber Security
01 Sep 2017
29 Sep 2017
Contract Type

My client is a technology led business who operates an online platform and are a highly transactional business. They are searching for a talented Data Protection Officer to lead and ensure the security of their purely online business based in their London HQ. The ideal candidate will have experience of data protection and GDPR, ISO27001 and a background in Information/Cyber Security. You will be bridging the gap between the legal teams, IT departments and the business to ensure sensitive data is stored correctly.

In return for your expertise my client is excited to offer a base salary of between GBP55-65k, a leading benefits package and the opportunity to help lead a growing groups security function.


  • Lead the development, documentation and maintenance of information security policies, procedures, and standards across the organisation
  • Developing a high quality, group wide, data security function supporting both business to business services and consumer brand products.
  • Serve as project manager/lead within security projects.
  • Maintaining data security standards and Gambling Commission compliance.
  • Achieve and maintain ISO 27001 compliance and related standards such as those of the World Lottery Association.
  • Promote and develop awareness for different security risks and best practices across the company.
  • Maintain an effective training and induction programme around data security.
  • Ensure the Group's underlying data and information security processes, infrastructure and measures are fit for purpose and scaled to deliver an appropriate level of protection.
  • Establish key metrics in order to measure data security standards and provide internal and external compliance reports.
  • Maintenance and control of Risk Register
  • Ensure all data security Incidents are categorised and handled in line with regulatory and industry standards, including the onward reporting of incidents to the appropriate 3rd parties.
  • Work closely with the Head of Legal and Regulatory Affairs to ensure appropriate data security submissions are completed in time to meet regulatory requirements.
  • Work closely with Head of Foundation Services to ensure appropriate infrastructure is in place to support Data Security Standards
  • Manage outsourced contracts for services such as Penetration testing and specialist security related consultancy services.

Required Experience:

  • Bachelor's Degree, Information Systems, Computer Science, Information Security, CISSP or similar.
  • Experience in working on ISO 27001 certification exercises - from gap analysis, design, implementation to mock audits.
  • Experience with World Lottery Standards would be a bonus
  • IT security or information security experience with a proven ability to engage with Senior Management and regulators.
  • Knowledge of the laws, regulations, and standards relating to IT and data security including the GDPR
  • Someone who enjoys responsibility and solving problems. willing to go the extra mile to get things done and are passionate about what they do.
  • A solid understanding and demonstrable experience of data management plus data and information security, including working knowledge of latest trends and technologies.
  • Experience of developing and maintaining business processes.
  • Operational experience of business continuity and disaster recovery processes.

If you meet these requirements and feel confident taking charge of my clients group security then please apply below or contact Oliver Legg directly on or