Data Protection Officer

REF #: SVG000296

Data Protection Officer

The Data Protection Officer and Information Governance Manager will work with all departments to establish and maintain effective corporate and departmental information management processes and systems to effectively manage the information life cycle.


Galway, Ireland



Relocation Package



Data Protection

Contract Type


Consultant Contact

Gerrard Devaney

The successful candidate will be required to manage and monitor standards, processes, communications, training and systems to ensure all information is managed in line with organisational policies, procedures and guidelines and relevant legislation.

Duties and Responsibilities:

Information and Records Management

  • Overall responsibility for promoting, monitoring and further enhancing compliance with EU
  • General Data Protection Regulations (GDPR).
  • Oversee and Manage the functions and duties of the Archivist/ Records Manager
  • Ensure the policies and procedures in respect of data protection are up to date and continuously reviewed and enhanced, and monitor organisational adherence to the highest standards of data protection compliance.
  • Design and or review and sign off on appropriate data processing agreements.
  • Be responsible for the overall Data Protection Impact Assessments process;
  • Report and manage all data protection incidents and breaches and liaise with employees, affected data subjects and DPC as required.
  • Have decision making responsibility for anonymisation and pseudonymisation techniques are appropriate for particular data processing activities.
  • Review and amend all third party contracts including those for data processors to ensure that they are complaint with relevant data protection legislation and regulation;
  • Develop systems and capabilities to monitor adherence to the policies and design and deliver staff training on data protection obligations.
  • Lead and develop the Data Governance function, as a key enabler of best practice in data protection, as well as organisational process efficiency.
  • Develop and implement internal auditing processes to ensure that controls for ensuring regulatory compliance are in place and embedded throughout the organisation and report accordingly, for control and statistical purposes;
  • Manage relationship, and act as liaison with the Supervisory Authority.
  • Work with ICT to ensure appropriate security measures are in place to comply with legislative requirements and policies and procedures.
  • Implementation of Information and Records Management Policy across all directorates, departments and sections; ensuring compliance with legal and regulatory requirements and the principles of good corporate governance.
  • Lead the Liaise with Departments in relation to Information and Records Management aspects of the migration to SharePoint/Microsoft 365, and any other significant change management processes.
  • Working with a project team to ensure that information is reviewed and managed appropriately, supporting change management and embedding the benefits of change.
  • Delivering further maturity to the records and information culture and behaviours across the organisation.
  • Be responsible for managing communications with the Office of the Data Protection Commission.
  • Represent the organisation on the Data Protection Officer Network and regional network.

Freedom of Information Manager

Fulfil the duties of the Freedom of Information Officer and deal with other requests such as Access to Information on the Environment and Re-use of Public Sector Information. This will include but is not limited to:

  • Devise, review and update policy and procedures, in light of the developments in the law and guidance from the Office of the Information Commissioner;
  • Co-ordinate and assist in the processing of requests under the Freedom of Information Act, AIE Regulations and Re-use of Public Sector Information requests received by the organisation and co-ordinate the inputs required for each section to formulate and issue the response.
  • Oversee the operation of the tracking system for Information Requests
  • Keep FOI Decision Makers informed about all matters relevant to FOI
  • Liaise with all nominated decision makers to ensure that relevant advice is provided when releasing records under FOI;
  • Collating and submitting of FOI statistics
  • Ensuring the webpages are up to date providing information to the public on their rights under various access regimes;
  • Assist in the development and delivery of ongoing FOI awareness programmes, procedures and in-house training.


Each candidate must, on the latest date for receipt of completed application forms –

a) Hold a relevant third level qualification in Data Protection, Information Compliance or Records Management; (Minimum QQI level 7 on the National Framework of Qualifications or equivalent professional body)


b) A minimum of three years’ experience in the area of data protection, data management, audit risk management or compliance.

Desirable Knowledge, Training, Skills and Experience:

  • Possess an in-depth understanding of Information Management.
  • Possess substantial experience in a Data Protection or similar compliance based role.
  • Possess experience of successfully managing large scale information management projects from initiation through to implementation, ensuring the project is sustainable post implementation.
  • Possess IT skills to include familiarity with Electronic Document Management Systems (EDMS).
  • Possess knowledge and understanding of legislative background affecting records management in the local government sector.
  • Possess experience working with third party organisations to resolve issues.
  • Possess experience leading, managing and motivating teams to deliver high-quality and effective services.
  • Possess experience of applying new technologies to manage information.
  • Possess experience of identifying the key issues in complex problems and of identifying the best options to resolve these issues in partnership with stakeholders.