Data Protection Officer at Nuclear Decommissioning Authority, Cumbria/Remote, 11 Months, £Contract Rate

  • Contract Spy
  • Cumbria, UK
  • Nov 24, 2020
6 Months or more

Contract Description

Job details


Data Protection Officer (INSIDE IR35) | Ref: PSR0011976

Whitehaven | Risk & compliance | Start: ASAP | Duration: 11 months

Posted 3 days ago

Job description


We are currently recruiting for a Data Protection Officer (Flexible working – Work need to be onsite in Cumbria 2 – 3 days a week)

Project Detail:

Nuclear Decommissioning Authority

Enabling Sellafield Ltd to comply with Data Protection Law. Ensuring the appropriateness of Sellafield Ltd’s current data protection policies; rewriting and relaunching those policies where required to ensure the Sellafield Ltd remains compliant and the appropriate guidance and advice is provided to the business.

As a Data Protection Officer, you will be: 

  • Act as Subject Matter Expert (SME) for Sellafield Ltd for all matters relating to the Data Protection Act and the protection of Sellafield Ltd.’s personal information whether processed internally or within the supply chain.
  • Responsible as point of contact for individual requests and queries regarding Data Protection legislation, managing and processing responses.
  • Review and production of existing and new Policy, strategy, processes, procedures and guidance documentation to implement legislation changes. Creating and maintaining materials for use by employees as guidance in the application of Data Protection Legislation including online solutions.
  • Assist with the Implementation of Data Protection legislation by promoting awareness across the business.
  • Conduct Data Protection Impact Assessments across the business
  • Manage and process subject access requests under Data Protection Legislation whilst Understanding the exemptions and rights of individuals under the legislation
  • Investigate and report on Personal Data Breaches; conducting investigations to ensure that all facts are established in accordance with the legislation.
  • Development and implementation of systems and applications to manage Data Protection Activities identifying medium- and long-term knowledge gaps and recommending programmes of work to be included in business plans.
  • Comply with all legislative, regulatory and company policy standards and procedures e.g. safety, quality, risk, security etc. applicable to the role.
  • To correspond with the supervisory Authority (ICO) where approved to do so.
  • To provide guidance and practical advice to the organisation on matters of Data Protection Legislation in line with Sellafield Ltd best practice and policies.
  • Undertake work self-directed within company strategies, policies and procedures and decisions may need to be taken without clear policy, guidelines or precedents.
  • Keep updated with case law and precedence set by the courts, ensuring the ongoing compliance of Sellafield Ltd.

You’ll have:


  • SC cleared preferable but not a must
  • GDPR or DPA practitioner certificate
  • Ability to lead on external issues (legislative, regulatory, best practice standards etc) relevant to Data Protection Law.
  • Strong influencing skills and stakeholder management skills, able to wield influence over other senior leaders in the organisation.
  • Wide knowledge of procedures and methods relevant to his/her field together with full understanding of underlying principles.
  • Ability to think and plan strategically.
  • Accredited to an appropriate professional body, providing depth and breadth of knowledge to act credibly at this level.