About the job

Job summary

Where business needs allow, some roles may be suitable for a combination of office and home-based working.  This is a non-contractual arrangement where all office-based employees will be expected to spend a minimum of 60% of their working time in office, subject to capacity and any required workplace adjustments.  Requirements to attend other locations for official business, or work in another MOD office, will also count towards this level of attendance. Applicants can request further information regarding how this may work in their team from the Vacancy Holder (see advert for contact details). Defence Business Services cannot respond to any questions about working arrangements. 

Do you want to work for the Defence Infrastructure Organisation (DIO) and care for the Defence Estate? DIO enables Defence to live, work, train and deploy, all with sustainability in mind. From net carbon zero accommodations to runways for the F35 fighter jets; our outputs are unique in the UK and across the globe!

Learn much more about DIO in our Candidate Information Guide attached. 

This position is advertised at 37 hours per week. 

About DIO

View our YouTube video to see more about our work

Job description

This post within the Business Management pillar is responsible for the promotion of compliance with the Data Protection Act 2018 and General Data Protection Regulations (GDPR) across DIO. The post holder will be the first point of contact for any enquiries relating to the GDPR, advise on procedures to deal with data protection impact assessments (DPIA) and subject access requests (SAR) and liaise with Departmental peers and authorities regarding how best to implement and maintain GDPR standards within DIO.

Other duties include:

• Promoting adherence to Data Protection policy and other central guidance within DIO.
• Provision of policy advice to the Information Asset Owners and Senior Information Risk Owners.  Engaging with the Data Protection Officer’s team and other information rights professionals where necessary to ensure advice is accurate and robust.
• Advising on the production of and undertaking review of all DPIAs, some of which represent complex processing activities.  
• Advising Local Data Protection Advisors (LDPA) on the production of smaller scoped screening assessments.
• Working with the MOD’s Commercial Team to seek assurance that Delivery Partners and 3rd party suppliers (data processors) meet the MOD’s standards when processing MOD personal information.
• Support the Warning Advisory Reporting Point and MOD Data Protection Officer in investigating data breaches. This includes providing guidance to DIO colleagues regarding breach resolution, along with the actions required to prevent further occurrences.
• Represent DIO at the Data Protection Steering Group and any other relevant workshops.
• Provide advice and support for the recording of Information Assets, with particular focus on Records of Processing Activities (ROPA).
• Undertake data protection assurance activities across DIO, highlighting gaps and agreeing corrective actions as necessary.
• Providing operational support for the response to Data Subject Requests.  In particular, the PDPA, will on occasion, manage responses to Subject Access Requests.
• Providing the Data Protection Officer’s team support in response to data protection complaints. 

The PDPA will provide guidance and support to a network of Local Data Protection Advisors across DIO but does not provide line management duties. While the PDPA is managed by the Business Management Lead they are professionally overseen by the MoD’s Data Protection Officer and operate on their behalf. 

Person specification

Leadership & Management 

• Demonstrate a personal commitment to displaying the Defence purpose 4C’s - Capable, Curious, Collaborative, Committed, and the eight attributes of leadership
• Support line manager in delivering departmental goals
• Develop skills and demonstrate subject matter expertise in own field
• Ensure local compliance with mandatory requirements e.g., H&S training
• Promote strong working relationships both within the team and with other teams across DIO and MOD

Data Protection

• Act as the focal point within DIO for all data protection queries, particularly those relating to the General Data Protection Regulations (GDPR)
• Carry out informal checks across TLB business units to ensure DIO compliance with the GDPR and highlight risk areas as appropriate
• Ensure agreements are in place with Industry Partners on the handling of personal data
• Review with their business owners/representatives all data protection impact assessments received
• Support the processing of subject access requests
• Network with data protection peers and policy staff across MOD
• Monitor changes in law or regulations relating to data protection that may affect DIO and manage the changes to ensure continuing compliance
• Liaise with the Information Commissioner Office in relation to the processing of personal data, responding promptly to any request for information made by the Information Commissioner and any other relevant regulator or law enforcement agency

Business & Stakeholder Engagement 

• Engage with key CIO and other DIO business teams to ensure effective measures are in place when handling personal data including reviewing new or changed business processes
• Assist in the analysis of business requirements, identifying any issues with personal data management and working on improvements or amendments to processing as required
• Communicate with senior stakeholders to present information that will support effective decision making and inform spending decisions
• Promote a culture of awareness of personal data security throughout DIO

Performance Reporting

• Develop and maintain effective tools to assist business areas with ongoing GDPR compliance activities
• Develop corporate reporting dashboards in line with the DIO Corporate approach   

Benefits

Alongside your salary of £35,290, Ministry of Defence contributes £9,528 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Things you need to know

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Experience and Technical skills.

Please ensure that at the application and interview stages of the campaign you review the Success Profiles Framework to assist you in the demonstration of your skills and experience.
    
Your suitability for the role will be assessed using the Success Profile elements that have been chosen for this campaign. Each element will be scored accordingly, and the successful candidate will be appointed on merit.

At application you will be assessed against the following:

Experience:

• CV - including Job History, Full Qualification Details and Previous Skills & Experience
• Personal Statement - in no more than 500 words, please outline your experience and suitability within Data Protection

At interview you will be assessed against the above PLUS the following:

Technical:

• SFIA Competency Framework - Skill - Personal data protection (PEDP) - Level 5.

We want to offer opportunities to all who are successful at interview for our roles, but this isn't always possible, so we do hold candidates on an active reserve list for 12 months. It is also possible that we may offer similar lower graded role/s to reserve candidates or, if no reserves are appointed, candidates that meet the lower grade criteria in merit order.

Application sifting is scheduled to take place on week commencing: 10/06/24

Interviews are currently taking place via face to face, this will be confirmed with the successful candidates who are invited to an interview and will be conducted week commencing: 17/06/2024  

A minimum of 2 full working days’ notice will be provided for interviews. We endeavour to stick to these dates, but these are subject to change around business needs. 

To assist with your application please find attached below:  

1. DIO Candidate Information Guide
2. DIO Candidate Information Guide - Accessible Version

For help and support with your application check out our

Civil Service Careers Homepage and the How to apply section

Civil Service Careers

Discover careers in the Civil Service

The Civil Service embraces diversity and promotes equality of opportunity. There is a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. If you need to advise us that you need additional help or reasonable adjustments for the recruitment process, please contact: DBSCivPers-Resourcingteam3@mod.gov.uk . 

As a result of the changes to the UK immigration rules which came into effect on 1 January 2021, the Ministry of Defence will only offer sponsorship for a skilled worker visa under the points based system, where a role has been deemed to be business critical.  

The role currently being advertised has not been assessed as business critical and is therefore NOT open to applications from those who will require sponsorship under the points based system. Should you apply for this role and be found to require sponsorship, your application will be rejected and any provisional offer of employment withdrawn. 

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.