1. Home
  2. Careers
  3. Jobs at bp
  4. Data Protection Manager

Data Protection Manager

Data Protection Manager

  • Location United Kingdom - Flexible
  • Travel required No
  • Job category IT&S Group
  • Relocation available No
  • Job type Professionals
  • Job code 144253BR
  • Experience level Intermediate
Apply Search all jobs at bp

Job summary

Grade HResponsible for supporting information security and risk activities for the specialism, using sound technical capabilities to review and adjust information security processes, supporting the delivery of security solutions, recommending improvements to security strategies and managing external service providers, as required. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.

Role Overview:

The Data Protection Manager (DPM) understands the bp pulse data protection needs and delivering a risk-based data protection compliance strategy.

Key Accountabilities:

  • Implementation of the data protection programme and compliance strategy on a global remit.
  • Effectively communicate to, and influence successfully at, on compliance matters.
  • Ensure the business is aware of and given ‘standard process’ mentorship to implement appropriate compliance with Corporate Compliance topics, in particular, the General Data Protection Regulation (GDPR), CPRA/CCPA, PIPL and other geo specific privacy legislations.
  • Completing periodic reviews to assess Pulse compliance with relevant behavioural compliance legislation / regulation for example, the GDPR, CPRA, PIPL, recommending appropriate remediation action.
  • Be a point of contact for advice and support to ensure business functions are aware of their legal responsibilities and understand how to follow their behavioural compliance obligations.
  • Attend relevant internal Global led data protection meetings.
  • Work closely with the DPO in directing the activities required by the business in respect of data protection.
  • Ensure any personal data breaches are logged, reviewed and remediation action is taken by the business to halt / prevent / remediate the breach; triage the breach with the DPO and where necessary, via the DPO, ensure it is reported to the Information Commissioners Office.
  • Ensure any exercise of individuals rights by data subjects are logged, reviewed and responded to appropriately and within a timely fashion; as necessary liaising with the DPO.
  • Ensure any third-party requests for personal data are logged, reviewed and responded to appropriately and within a timely fashion.
  • Ensure relevant guidance is issued in particular to maintain up to date personal data, on retention periods and appropriate destruction of personal data.
  • Work with the internal business functions to ensure privacy impact assessments are completed on any new projects or high-risk activities involving the processing of personal data.
  • Support the development and rollout of training materials to improve knowledge behavioural compliance in within the global remit.

Your Experience:

  • In-depth knowledge of data protection law and ability to translate complex data protection requirements into practical everyday application, guidance and advice; demonstrating a pragmatic and risk-based approach.
  • Able to communicate with confidence, influence successfully at senior management level and deploy strong collaborator management skills.
  • Able to spot gaps in procedures or staff knowledge and propose potential solutions.
  • Able to deal effectively with external parties such as those requesting access to, for example, employee or customer personal data.
  • Able to develop and deliver effective training sessions.
  • Team player with the ability to proactively work to group-aligned targets and objectives.
  • Able to effectively prioritise workloads.

Qualifications & Certifications:

  • Degree Qualified (or validated work experience equivalent) in an appropriate field with shown post graduate experience.
  • A strong academic background, preferably with a minimum of one privacy-related certification such as CIPP/E, CIPM or equivalent.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Apply Search all jobs at bp