This job posting isn't available in all website languages


Experian Careers Job Search

Data Protection Officer

Legal & Compliance
181888 Requisition #
Apply for Job
Share this Job
In line with the requirements of General Data Protection Regulation (GDPR), a DPO is required for our Credit Bureau businesses to ensure GDPR requirements are being met on an ongoing basis.
The DPO will also act as an intermediary between the regulator, data subjects (consumers and businesses) and local/regional management committees.
A 2nd Line of Defence role, the DPO will maintain a level of independence from the 1st Line of Defence, however, will be seen as a credible, trusted advisor to ensure the business fully understands the requirements of GDPR and the requirements are factored into commercial discussions around innovative uses of data.
The DPO will work closely with local Compliance Officers and other 2nd Line functions.

Scope of Role
The DPO is a role who must be seen as a credible and trusted monitor, advisor, facilitator, guide and supervisor on data protection matters Fundamentally, the DPO will;
  • Monitor compliance with GDPR and other union or member state relevant provisions and with the personal data protection policies of the organisation
  • Give advice to the controller/processor and the employees when carrying out a Data Protection Impact Assessment
  • Act as a facilitator, cooperating with the supervisory authority and also internally within the organisation. DPO must be the contact point with respect to data subjects, the supervisory authority/DPAs on issues relating to processing, including the prior consultation and regarding any other matter
  • Ensure GDPR-related Policies are understood and embedded within the organisation
  • Frequent interaction and monitoring of Consumer Helpdesk Team/s to ensure consumers are being treated fairly at all times
  • Participate in the analysis of GDPR-related risks and issues as they arise

Key Result Areas
  • Acting as core part of regional/local commercial strategy; being local expert on GDPR requirements, ensuring regulation is considered in any new product development and an effective audit trail exists
  • Identify, engage and collaborate with internal stakeholders to deliver against policy standards and standards of best practice. This will include engagement with members of the EMEA Executive and Senior Management Teams
  • Understand how GDPR applies to the business, and in particular in relation to new regulatory announcements – ensure communication to any impacted areas is concise, easy to understand and pitched at the right level
  • Use of effective, innovative communication styles to ensure optimum understanding from key stakeholders
  • Attend local Senior Management meetings and share position on organisation’s ability to comply with GDPR requirements
  • Building a proactive and effective relationship with regulators
  • Ensuring defined process is following and acting as 2nd Line of Defence coordinator in unlikely event of regulatory breach
  • Conducting periodic and ad-hoc monitoring of Consumer Helpdesk/s to ensure consumer’s GDPR rights are being upheld and satisfied in line with process
  • Effective engagement with stakeholders that successfully delivers change and ensures ‘buy-in’ at the right level
  • Maintain a good understanding of local Data Protection regulatory requirements; i.e. Rules-based vs. Principles-based regulation
    Positive and collaborative engagement with the Compliance Officer/s (and other members of the Compliance Team), ensuring Compliance Management Programme requirements are considered at all times
  • Ensuring GDPR is considered in local/regional strategic planning
  • Management are appropriately informed of identified (& applicable) risks and issues
Key Interactions
  • EMEA Leadership Team
  • Local Senior Management Teams
  • EMEA Compliance Team
  • Operations Service Directors & Risk Managers
  • EMEA Head of Legal/Local Legal Team
  • Regulators
  • Consumer Helpdesk
  • Consumers
  • Global Internal Audit
  • Global Risk Management
  • Global Security
  • Global Business Continuity
  • Corporate Communications/PR
Required Qualifications/Experience
  • Degree or equivalent in a relevant discipline
  • Knowledge of the generic operational functions and compliance requirements of a Credit Reference Agency (“CRA”)
  • Expertise in national and European data protection laws, practices, in-depth understanding of the GDPR and knowledge of the business sector and of Experian
  • Experience of advising on regulatory requirements, specifically the ability to interpret and explain in “plain English”
  • Ability to communicate and engage with regulators
  • Experience of undertaking compliance monitoring, developing processes and writing reports to a high standard
  • Experience in one or more senior compliance or legal roles
Required Skills
  • Excellent verbal communicator at all levels with experience of working with senior management
  • Strong written communicator with good attention to detail
  • Excellent influencing/negotiation skills
  • Strong relationship management skills that help facilitate a pro-active and effective compliance-to-business relationship
  • Good risk based judgement skills including the ability to assess compliance risks appropriately with commercial needs
  • Intuitive self-starter with the ability to prioritise workload effectively
  • Recognised as a role model who leads and inspires confidence
  • Proven facilitation skills
  • Lateral thinker with an ability to interpret and solve complex issues
  • Excellent communicator with strong inter-personal and influencing skills.
  • Ability to ‘untangle’ regulation and communicate in a way that is clear and easy to understand

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

Similar Listings

Oslo, Oslo, Norway

📁 Legal & Compliance

Privacy Policy  |  Online Community  |  Press  |  Investor Relations