In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business. We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel. 

At Kroll, your work will help deliver clarity to our clients’ most complex governance, risk, and transparency challenges. Apply now to join One team, One Kroll.

FIXED CONTRACT: 1 year (with possibility to consolidate in long term employment)

OFFICE: London (Hybrid)

RESPONSIBILITIES:

• Support business and internal firm services stakeholders in ensuring appropriate privacy terms are included in contractual arrangements with clients and vendors. 
• Identify, assess, manage and report data privacy risk issues as part of the firm’s wider privacy risk management program, and work with stakeholder groups to address and mitigate any identified gaps.
• End to end management of Data Subject Requests (DSR’s), including:
  • Processing client, employee, or third party DSR’s in accordance with firm policies and applicable laws and regulations and maintaining and updating related procedures.
  • Tracking and logging of all DSR’s on the workflow system and ensuring DSR’s are completed within firm and regulatory timelines.
  • Utilizing various firm systems and liaising with business stakeholders, including HR, in order to gather all relevant personal data.
  • Reviewing and assessing personal data content, identifying and redacting privileged, confidential and non-personal data, and applying relevant GDPR and member state law and codes of practice, to ensure (where applicable) exemptions or redactions have been correctly applied, including working with external legal counsel when necessary.
• Assist in managing the response to privacy incidents, under the direction of the Data Protection Officer and in collaboration with the Global Privacy Team, technology, legal, and business stakeholders, and monitor and track resulting remediation action plans.
• Respond to data subject and third-party queries or complaints that come into the privacy team mailbox.
• Assist the Data Protection Officer in developing and delivering bespoke training and awareness initiatives.
• Assist the Data Protection Officer and the Global Privacy Team in assessing and managing requirements related to data localization and cross border transfers.

REQUIREMENTS:

• Working knowledge of the GDPR and the UK Data Protection Act 2018 required. Working knowledge of e-Privacy Directive and related legislation a plus.
• Minimum 2-3 years in a legal or compliance function with privacy-related responsibilities.  
• Experience in drafting and reviewing contractual arrangements and data processing addendums.
• Experience in tracking cross border data transfers and conducting transfer impact assessments a plus.
• Experience in managing and providing training and awareness initiatives a plus.
• Excellent teamwork and communication skills to represent diverse communities.
• Ability to communicate with employees at all levels of a global organization.
• Intermediate to advanced Microsoft Office skills including Word and excel. SharePoint experience a plus. Relativity or similar experience a plus.
• CIPM and/or CIPP/E certification preferred but not required. Knowledge of global privacy laws a plus

In order to be considered for a position, you must formally apply via careers.kroll.com 

Kroll is committed to equal opportunity and diversity, and recruits people based on merit.

#LI-RC2