General Manager – Data Protection Office, Audit, Risk and Compliance Specialist

Tusla Child and Family Agency, Brunel Building, Heuston South Quarter, Dublin 8   Permanent
Business and Strategic Management  Salary:  See Description for Details
Closing Date: 12/04/2018 Recruitment start: 22/03/2018


Job Description

The Child and Family Agency was established on 1st January 2014 and is responsible for improving wellbeing and outcomes for children. It represents the most comprehensive reform of services for the development, welfare and protection of children and the support of families ever undertaken in Ireland. It is an ambitious move which brings together some 4,000 staff who were previously employed within Children and Family Services of the Health Service Executive, the National Educational Welfare Board and the Family Support Agency.

The Child and Family Agency has responsibility for the following range of services:
• Child Welfare and Protection Services, including family support services
• Family Resource Centres and associated national programmes
• Early years (pre-school) Inspection Services
• Educational Welfare responsibilities including School completion programmes and Home School Liaison
• Domestic, sexual and gender based violence services
• Services related to the psychological welfare of children

Further information is available on www.tusla.ie

Purpose of Post
The post holder will assist the Data Protection Officer in the monitoring of the design and operation of the Organisational and Technical Measures utilised to achieve compliance with the General Data Protection Regulation.

Job Objectives

Deliver efficient, effective and safe data protection services to our clients and to our staff
The post holder will:

• Lead / Assist Data Protection compliance reviews and gap analysis within the organisation and within our data processors. Such assessments will involve the assessment of the adequacy of the controls (organisational and technical) from a design and operations perspective, in meeting our GDPR obligations.
• Act in an advisory capacity to our organisation on Data Protection best practice and participating in initiatives including but not limited to delivering policies/procedures, training/awareness, data inventory creation, data lifecycle mapping, control re-design etc.
• Supporting and facilitating internal audit / external audit and regulator data protection reviews.
• Lead / Assist with the processing of Data Subject Access, Amendment and Deletion Requests.
• Lead / Assist with the investigation and reporting (where required) of potential data breaches inclusive of suggesting control improvements to prevent reoccurrence.
• Lead / Assist with the development of KRIs and KPIs for GDPR Compliance.
• Participate in the development and roll out of projects related to Data Protection
• Lead / Assist in the review of Data Privacy Impact Assessments performed by the Data Controller.
Lead the development of effective relationships and structures across all settings
The post holder will:

• Ensure the development of effective relationships and communications with internal and external stakeholders.
• Participate in communication strategies designed to promote awareness of our GDPR obligations with internal and external stakeholders.
• Lead the development of effective relationships between the national office and relevant services at a regional and local level.
• Build strong relationships with regional directors, area managers and key staff in Tusla.
• Participate in management meetings as required.

Health & Safety

• Comply with and contribute to the development of policies, procedures, guidelines and safe professional practice and adhere to relevant legislation, regulations and standards.
• Have a working knowledge of the Health Information and Quality Authority (HIQA) Standards as they apply to the service for example National Standards for Child Protection and Care and comply with associated Tusla – Child and Family Agency protocols for implementing and maintaining these standards as appropriate to the role.

The above Job Description is not intended to be a comprehensive list of all duties involved and consequently, the post holder may be required to perform other duties as appropriate to the post which may be assigned to him/her from time to time and to contribute to the development of the post while in office.

Please refer to the Candidate Information pack attached to this campaign for full and further detail.

Skills Required

Applicants must by the closing date of application have the following:

• A Data Protection related professional certification such as CIPP or another relevant qualification, for example: CISA, CISM, CIA, CISSP, ACOI etc.
• • A minimum of 3 years experience in the internal audit, risk management, information security or compliance areas.
• Experience participating in Senior Management meetings, report writing policy and procedure development to include understanding of data flows and identifying risks.
• Proven ability to meet deadlines and manage stakeholder expectations with a good working knowledge of Vendor Assessment.

A candidate for and any person holding the office must be fully competent and capable of undertaking the duties attached to the office and be in a state of health such as would indicate a reasonable prospect of ability to render regular and efficient service.

Each candidate for and any person holding the office must be of good

Age restrictions shall only apply to a candidate where he/she is not classified as a new entrant within the meaning of the Public Services Superannuation Act, 2004). A candidate who is not classified as a new entrant must be under 65 years of age.

  Already a member of our Talent Pool? Login here
  Join our Talent Pool + submit your application

Please enter a valid email address

This email already has a universal profile registered. Log in instead to access it

This email address is already registered with this talent pool. Please login to access your profile. Forgot your password? Simply click the link to reset

I agree to the Terms of use