Information Security Officer – Data Protection And Compliance

At Bravura Solutions, collaboration, diversity, and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture.
As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers.
Position Purpose Based in our London Office, this role will be the lead Information Security Officer and expert on Data Protection (DP) matters, focusing on the global DP regulations (e.g. EU16 GDPR, Australian Privacy Act, New Zealand Privacy Act, Protection of Personal Information Act 4 of 2013 etc.) including the organisation DP Management System (DPMS). The Information Security Officer will ensure that sound policies, procedures, and systems are in place so that Bravura Solutions can demonstrate compliance with the global DP legislation.
Main Activities Whilst we expect all our employees to do what needs to be done to demonstrate their support of Bravura Solutions, below are some specific aspects of your role for which you will be responsible:
Data Protection Ensure that Bravura Solutions is aware of and complies with DP law, best practice and any case precedents, interpreting law changes into practical policies and procedures.Implement measures and a privacy governance framework to manage data use in compliance with applicable legislations.Work with key internal stakeholders in the review of projects and related data to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments including developing templates for data collection, assisting with data mapping, and vendor management reviews.Identify, test, and improve controls on the confidentiality, integrity, and availability of personal data.Be the first point of contact for enquiries from staff on DP and subject access requests, providing them with appropriate advice and guidance.Coordinate and conduct data privacy audits.Draw up a DP Policy from the GDPR regulations, paying attention to new concepts and terminology and changed nuances of DP law.Work closely with colleagues to render the DP Policy into operational procedures for customer-facing staff to use.Undertake proactive work and enforcement measures that promote good DP working practices and compliance with GDPR requirements.Enshrine new principles, e.g. Privacy by design and DP by default.Create registers as required by legislation, e.g. the type of personal data that we hold, who processes it, and who we share it with.Look at technical aids that support compliance (e.g. encryption, Data Loss Prevention).Carry out DP audits and spot-checks to monitor compliance.Ensure subject access requests are responded to within prescribed timescales.Deal with more complex and difficult DP complaints, including appeals.Act as the primary point of contact between the company and regulatory authorities in all jurisdictions during data protection incidents, ensuring timely communication and compliance with reporting obligations.Documentation Design the documentation needed for use with the procedures:Data Protection Impact assessmentsPrivacy impact AssessmentsData Inventory RegisterData FlowsSAR ProcessCompliance DocumentsPrivacy Framework and processesReview of client contractual requirementsSupplier onboarding contract review and support in annual reviewsThird Parties Examine arrangements for third parties who process the personal data of our residents and employees to ensure compliance with the new regulations.Work with legal representatives to ensure that information-sharing with partners/suppliers is lawful and falls under appropriate protocols and codes.Risk Ensure that managers are aware of the risk element of data protection, GDPR, and any other relevant regulations implementation, including monitoring through the Risk register.Maintain a risk assessment process for personal data including DP Impact Assessments.Training Design and carry out training programmes to achieve compliance, e.g. Detailed, practical training for client-facing staff.More general GDPR awareness training for other staff.Carry out ongoing DP and privacy training to maintain awareness.In addition to the above position-specific responsibilities, all employees are required to undertake any other reasonable duties and responsibilities within your capability and skills, when requested to do so.
Minimum Requirements Experience in Information Security, data protection, and legal compliance.Work experience in data protection and legal compliance is a plus.Solid knowledge of GDPR and applicable governing legislation such as The Australian/New Zealand Privacy Act, UK DPA, Protection of Personal Information Act 4, The Digital Personal Data Protection Act, 2023 ("DPDP Act"), Personal Data (Privacy) Ordinance, Laws of Hong Kong (Cap 486) or the PD(P)O and Personal Information Protection Act (PIPA) etc.Decision Making – capable of reaching timely and effective decisions based on the appropriate use of information.Communicating – able to identify key points for interaction which are related appropriately and with clarity.Using Information & Communications Technology (and other resources) – able to use ICT and other equipment (tools, materials, and services), safely, effectively, and efficiently.Building Customer Service – able to provide Customer/Stakeholders with a positive experience of the service delivered.Embracing Change – can readily identify and embrace change in the drive towards continuous improvement.Developing and Maintaining Relationships – able to make working relationships harmonious and productive.Maintaining and developing the organisation – able to make a positive contribution to the success of Bravura Solutions.Working at Bravura Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development.
So, what's next? We make hiring decisions based on your experience, skills, and passion so even if you don't match every listed skill or tick all the boxes, we'd still love to hear from you.
Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know.
All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits.

#J-18808-Ljbffr