Hello, we're Starling. We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. We're a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 2,300 people across our London, Southampton and Cardiff offices and will open our Manchester office later on this year.
To support our ongoing growth we're looking to recruit a Privacy Analyst who will be responsible for promoting and overseeing data protection compliance across the Bank, specifically within the security and technology sector.
You will support and report directly into the Data Protection Officer (DPO) and will have significant exposure across the Bank. The role represents a fantastic opportunity to join a vibrant institution and to shape the Bank's attitude and approach to data protection.
The Privacy Analyst will:
- Report directly to the Data Protection Officer on the Bank's level of compliance with the DPA 2018 and UK GDPR.
- Analyse and evaluate compliance with relevant data protection regulations, standards and frameworks specific to technology and security.
- Collaborate with the Cybersecurity team and Chief Information Security Officer (CISO) to offer proactive advice on data protection matters such as data loss and prevention.
- Provide appropriate oversight, review and challenge of relevant 1st line activities and controls from a data protection perspective, considering the application of the data protection principles, individual rights and the Bank's ability to demonstrate its compliance in this area.
- Monitor privacy controls against policies and procedures, complete data protection assurance reviews from start to finish (with minimal input from the DPO) and produce reports to a standard that can be presented at Board-level
- Work with Digital & Technology teams to offer advice on project work relating to cookies, data collection, processing and retention/deletion of data.
- Support the DPO with due diligence activities and risk assessments, including DPIAs
- Produce data protection MI for regular reporting into the Bank's risk governance committees, to support decision making and allow Starling to demonstrate its accountability in respect of security and technology activities.
- Maintain Article 30 Records of Processing Activities (ROPA).
- Support the DPO with personal breach event management, including undertaking risk assessment to assess the breach severity and advising on any corrective actions needed to mitigate future risk - to Starling and/or individual(s)
- Help drive a positive data protection culture and promote compliance awareness across the business, including developing data protection awareness campaigns and training programs
- Maintain expert knowledge of the data protection environment through frequent horizon scanning of new regulatory requirements and monitoring the industry landscape for any trends and best practices related to data protection
- 2 - 4 years of professional experience in a role involving privacy compliance, preferably within financial services, although this is not compulsory
- A recognised Privacy qualification is preferred (e.g. CIPP, CIPM etc.) or a willingness to become qualified within the first 12 months of employment
- In-depth knowledge of data protection laws and regulations, with the ability to express complex ideas or legislation in easily understandable ways
- Ability to read and digest data protection legislation and summarise key points
- Demonstrable ability to analyse privacy problems and communicate solutions to a wide range of audiences.
- Proven experience of conducting data protection assurance activities from start to finish, reviewing (and challenging) Data Protection Impact Assessments (DPIAs) and supporting the business on privacy related matters.
- Excellent communication skills and report writing skills.
- Experience with spreadsheets would be an advantage, as would the ability to produce accurate and timely management information and dashboards.
- High work standards with a strong attention to detail.
- Self starter; proactive attitude, committed to continuous improvement and willing to drive different initiatives.
- A genuine interest and desire to work in the Privacy field.
- 25 days holiday (plus take your public holiday allowance whenever works best for you)
- An extra day's holiday for your birthday
- Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
- 16 hours paid volunteering time a year
- Salary sacrifice, company enhanced pension scheme
- Life insurance at 4x your salary
- Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
- Generous family-friendly policies
- Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
- Access to initiatives like Cycle to Work and Salary Sacrificed Gym partnerships
You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway.
We're on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems.
Starling Bank is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.
By submitting your application, you agree that Starling Bank may collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we may process, where we may process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.