Data Protection Manager

Job Introduction

Actively promotes and ensures adherence to the Bank's Risk Management framework (including sub-frameworks) and relevant risk and compliance policies and procedures, ensuring timely and appropriate escalation of concerns to relevant senior stakeholders

This role works strategically across UKT and the Bank to lead the embedding and maintenance of the Handelsbanken plc privacy framework (‘PIMS’). This is a senior role within our Information Security Privacy, Policy and Awareness Team with accountability for the design, implementation and continual improvement of the PIMS and its underpinning processes. The role manages a team of data protection consultants and reports into the Head of Privacy, Policy & Awareness (UK Privacy Officer). The team operates as a specialist function within the Information Security Privacy, Policy and Awareness Team, which is part of the wider UK Information Security team. The role requires a collaborative individual who has strong leadership, stakeholder management and influencing skills, combined with a current and expert level understanding of privacy requirements and practical application. They will be comfortable liaising with staff of all levels, including stakeholders at senior management and leading the development and performance of a team. 

Main Responsibilities 

• Be responsible for the embedding and continual improvement of the Handelsbanken plc Privacy Framework (PIMS), ensuring its effective design and operation in the Bank and in line with UK legal, regulatory and good practice requirements and Bank’s global privacy framework and governance; 
• Lead the continued development of a team of specialist data protection consultants, as well as development of technical data protection expertise and knowledge across the wider UK Information Security team;
• Responsible for creating, maintaining and embedding the Handelsbanken plc Data Protection policy, PIMS, Control Standards and instructions, and for the effective planning, prioritisation and delivery of their review cycles to ensure the framework is kept up to date, aligns to UK legal, regulatory and good practice and Bank’s global minimum standard for data protection; 
• Ensure the clear design and articulation of privacy controls which align to the Bank’s legal, regulatory and business needs;
• Lead and manage the design and delivery of the Handelsbanken PIMS, applying a structured plan-do-check-act methodology; 
• Act as specialist owner and be responsible for the design and operating effectiveness of UK specialist privacy processes and procedures owned in the team, such as Data Subject Rights, ROPA, Privacy Notices, and Privacy Impact Assessments;
• Lead and manage the planning, development and delivery of the 1st line of defence privacy business plan, including effectively leading the team, managing change, new demands, requirements, or issues and providing regular status/delivery performance reports to management as required;
• Maintaining oversight of PIMS effectiveness in line with Framework Owner responsibilities in the Bank’s Risk Management Framework and monitoring business performance against privacy controls, including maintaining effective framework performance metrics, coordinating and presenting effective risk scorecards and quarterly management reports in UK Governance forums and committees, to ensure good oversight of the PIMS and influence decision making on areas requiring focus or improvement;
• Influencing business priorities and control owner plans for privacy improvements and risk mitigation and influencing across the Bank, including at Senior Management level, to ensure clear ownership and accountability for privacy controls
• Lead the effective integration and ongoing alignment of the Privacy Framework with the Bank’s Risk Management Framework and operational risk processes; 
• Provide subject matter expertise covering all aspects of privacy best practice and UK regulatory requirements to a range of different stakeholders to ensure effective risk management of privacy and represent the Information Security team with Business stakeholders as a trusted advisor, finding pragmatic and cost-effective privacy focused solutions that efficiently support customer needs;
• Act as lead Duty Incident Manager on a shared rota basis to manage information security and personal data breaches in accordance with defined incident management processes, ensuring impacts and risks are appropriately identified, assessed and mitigated;
• Deputise for elements of the reporting manager’s role (Head of Privacy, Policy & Awareness Manager and UK Privacy Officer) as required, on an ad-hoc basis, to cover absences, periods of increased workload, etc; and
• Support the Bank’s 2^nd line Data Protection Officer as required, for example in responding to requests to the supervisory authority or supporting the Data Protection Officer responding to request from data subjects.

Ideal Candidate

Research (by Harvard University) shows that women are particularly likely to second guess themselves and not apply - so if you are worried you don't meet all the criteria, get in touch anyhow and let us do the worrying…

• Embedding, managing and operating a privacy framework / PIMS
• Strong experience leading, manage and develop other colleagues, including team wellbeing and performance
• Able to influence decision making in a commercial environment, to surface and mitigate operational issues and privacy risks across a wide range of stakeholders, up to and including senior management / executive
• Prioritise and deliver competing priorities and manage stakeholders effectively
• Takes responsibility and can act autonomously; 
• Plan, organise and prioritise tasks and projects, including own and / or oversight delivery of improvement projects and/or key processes 
• Solves problems creatively and effectively;  
• Strong team player;
• Can interact proactively and confidently with all areas of business, including senior management
• Excellent interpersonal and communication skills in both written and spoken English;
• Can successfully communicate complex data protection requirements to non-technical stakeholders 
• Pragmatic, and effectively balances risk and control requirements with commercial drivers and customer outcomes
• Positive, collaborative and builds and maintains effective cross functional relationships 
• Extensive practical application of privacy (technical and non technical aspects), preferably in financial services,
• Good understanding of information security

Company Information

Handelsbanken is a relationship bank with a decentralised way of working, a strong local presence thanks to a nationwide network of branches, and a long-term approach to customer relations. Each Handelsbanken branch operates as a local business enabling it to make decisions at a local level and provide a bespoke service. The focus is always on the need of the individual customer and not on the sale of specific products. 

We are embarking on an exciting Business Transformation journey. This transformation will significantly enhance our technology system systems, processes and services, bringing evolution to our ways of working. Join us in this transformative journey, where your dedication, adaptability and commitment will play a crucial role in shaping the future of banking for our valued customers.

The Bank is deeply committed to embedding good equality and diversity practice into all of our activities. This is so that we are an inclusive, welcoming and inspiring place to work that encourages everyone to apply, regardless of socio-economic background, age, disability, pregnancy and/or parental status, race (including colour, nationality, and ethnic or national origin), veteran status, marital and civil partnership status, religion or belief, sex, gender reassignment or sexual orientation. 

Check our Handelsbanken website for further information

At Handelsbanken, we deeply value our unique culture and values including trust in and respect for each individual. We take pride in nurturing a work environment where people flourish, and where they are empowered to take decisions in their areas of expertise. We take a long term perspective in everything we do and want each employee who joins us to build a long terms successful career with the Bank.  

What is in it for you?

• We have a wide range of learning and development available, empowering and enabling our colleagues to take ownership of their own development. 
• Competitive Salary and an extensive range of benefits is provided, including private medical insurance, income protection and life assurance
• A market-leading pension contribution of 15% paid by the bank, which can be invested in a wide range of funds (including ESG and Shariah funds)

Application next steps

Your journey with us begins once you have submitted your application. One of our Handelsbanken recruiters will be reviewing your details and will later organise a phone conversation if you match the role requirements. If there is a mutual fit, we will extend an invitation for you to participate in an interview.  

How can we support you to be your best self? Our Talent Acquisition team will be happy to provide support e.g. if you need additional time to prepare for an interview or you have any requirements for any part of the interview/hiring process – just let us know by email uk_talent@careers.handelsbanken.co.uk. 

This advert will be live for a minimum of two weeks. However, please note that after the two weeks, the closing date could change at any time depending on the number of responses received.