GDPR Consultant/ Project Manager London, UK

Might be available

(Updated 2024-02-14)

GDPR Consultant/ Project Manager

London, UK

Native French, English, Arabic, Spanish, Beginner Italian

  • Consultation
  • Data Protection/GDPR
  • Project Management

Skills (41)

METRICS

HR

Vendor Management

M&A

SAR

Project Management

Legal Support

CONTRACTS

VISIO

MENTORING

BUDGETING

PROJECT LIFECYCLE

COACHING

BEST PRACTICES

VENDOR SELECTION

Risk Management

ROI

PROJECT PLAN

STEERING

BUSINESS REQUIREMENTS

Legal Counsel

LOTUS NOTES

Confluence

Agile

COOKING

BUSINESS CASE

PROJECT PLANS

BUSINESS REQUIREMENTS GATHERING

MICROSOFT OFFICE

ITIL

MS OFFICE

PROJECT PLANNING

LIAISON

Scrum

Jira

IT Infrastructure Library

Marketing

TECHNICAL REQUIREMENTS

PMO

PRINCE2

ABB

Summary

High-impact, versatile and commercially astute, with an impressive record of project & programme delivery success in global finance institutions (insurance, banking sector), B2B, B2C, consulting, technology, real estate, SMEs, and blue-chip corporates.
Accustomed as a global GDPR Consultant/Regulatory Project Manager to leading highly complex strategic initiatives, engages across complex projects with potential to impact thousands of end users. Bridged the gap between business and technology.
A record delivering initiatives spanning data protection (GDPR, PIPA, POPIA, Australian Act 1988/ HIPAA, CCPA/CPRA and US state privacy laws) DORA, IFRS, infrastructure, networks, applications & cost-effectiveness, achieved via meticulous planning & attention to detail. Delivery focused, motivated by challenge, with a "can do" attitude.
Excellent interpersonal skills & customer facing skills, able to communicate and negotiate concisely at up to Board level, translating between technical and non-technical audiences, bringing clarity to secure 'buy-in'.
MSP, ITIL, PRINCE2, Agile, Scrum & Waterfall-experienced, pragmatically able to apply best practice tools.
Engaging & inspiring, experienced in managing multiple teams of geographically dispersed global resources throughout the lifecycle, harmonising teams & enabling people to grow by energising & mentoring talented staff.
Experienced in delivering change initiatives through all end-to-end lifecycle stages, from inception to BAU and benefits realisation, delivering high-quality work within fast-paced and challenging business environments.
Proven capacity to identify, analyse & solve complex problems, by designing IT/HR workable strategies, taking new approaches from concept through to successful completion.

Professional Experience

Global GDPR Consultant
Infosys

2021-03 - 2023-01

Key client-facing role engaging as a Regulatory Project Manager, working with a diverse portfolio of end clients including Berkley Europe, Davies Group (Financial services), Appliance Giant (cooking appliance).
* Understanding the data Landscape processed: Documented the personal data held (structured and unstructured data), where it came from, who it is share it with and what the Business is doing with it by creating a Record of Processing activity (ROPA) (Article 30). Identified and documented the lawful bases for processing by assessing at the various types of data processing that I Infosys's client carries out. Map data flows which included the identification of data that Infosys's client processes and how it flows into, through and out of the Business as well any risks found.
* Data Privacy Impact Assessment: Completed a DPIA to mitigate data privacy risks before implementing the new Salesforce platforms and followed up on mitigation measures identified as part of Data Protection Impact Assessment. Established a policy which sets out when I Infosys client should conduct a DPIA, who will authorise it and how it will be incorporated into the overall project plan.
* Data retention and deletion: Ensuring the unnecessary data as part of the data retention legal and the organisation retention.
* Data Retention Vendor Management: Tool selection: Managing vendor selection to automate data retention and destruction accordingly.
* M&A: Ensuring M&A understand and operationalise data privacy implications.
* GDPR/Privacy Legal and Data Transfer Implementation: Conducting LIA and TIA and establishing legal basis of each processing activities recorded on the HR IAR. Producing a categorisation of contracts based on the following criteria relating to the sharing of personal data between the EU/UK and US: * Contracts that expressly permit the vendor to rely on Privacy Shield to make data transfers to the USA and other countries * Contracts that expressly incorporate the European Commission's 'standard contractual clauses' for data transfers (sometimes referred to as 'model clauses').
* Contracts that oblige the vendor to put those 'standard contractual clauses' in place for data transfers (as a separate data transfer agreement rather than being incorporated into the supply contract) * Legal support: Supported the Legal Counsel by making sure that Legal GDPR/Privacy Addendum is sent and accepted by the third parties (Cloud providers) and employees * IT Application/ Cyber Security: * Implementing follow up of the GDPR compliance of applications and other international projects including following up on incidents and implementing further mitigation measures based on incident analysis where appropriate. Ensured continuous transparency with end users on data protection measures * Security standards: Ensuring the technical requirements meet the ISO20071, Cyber Essential and Cyber Essential Plus standards.
* Operationalise IT Subject Rights within application * Operationalise consents and cookies.
* DORA: Enhanced the operational resilience of the financial sector by establishing a comprehensive framework for digital operational resilience (ICT Risk Management, incident reporting, digital operation resilience testing and third-party risk).
* Policies and Procedure Implementation: Identifying and drafting all the Infosys's client data protection-related policies (privacy notices, Data retention, SAR, Breach, Marketing, Consent, Cookies and GDPR statement) and work with Directors and local Data Protection Officers and focal points to develop and implement throughout the Infosys client.
* Data Governance Management: Ensured the Data Privacy integration of such measures into the wider data protection framework developed within Infosys client in liaison with the International Data Protection Steering Committee and taskforce. Responsibility for driving data privacy compliance across the business, by setting and driving the data privacy best practices, and ensuring that a "privacy by design" approach is embedded within the organisation.
* Risk & Dependencies Management: Took the lead in identifying and removing potential blockers, as well as managing dependencies across teams and disciplines. E2E programme and project lifecycle management, including planning, scope & risk.
* Communication and Change Management: Liaised with international data protection teams to ensure clear communication and consistency across Infosys client systems. Provided training to local staff and tailored data protection measures to local requirements where needed * Resource Management: Successfully led teams of multi-disciplinary resources and technology resources to implement the Workday project at a global scale, embedding best practices, processes, and technology to support business needs.
* Stakeholder Management: Collaborative engagement with key stakeholders (CISO team, Solution Architect, Salesforce SMEs and other divisions), building, managing, and nurturing internal and external relationships, including Deloitte, EY, and GRCI Law, managing expectations, and facilitating decision making.
* Leadership Management: Leading and motivating of programme resources, mentoring, and coaching talented teams, including working with Business Analysts, PMO, and Solution Architects.
Key contributions and successes: * Ensured all clients is compliant GDPR and other regulation withing the timely delivery of project scope, quality and benefits/outcomes and ensured changes were fully embedded into BAU. Tracked project milestones, adjusting project plans & resourcing to meet requirements.
* Directing project plans, teamwork assignments, and monitoring ongoing work efforts * Utilised Agile, Waterfall best practice in the successful roll-out of GDPR/One Trust/DORA projects.
* Proactively identified changes in work scope & ensured appropriate planning measures were taken * Oversaw GDPR/ IT transition projects, providing reporting metrics to executives on business case ROI * Analysed risk, establishing contingency plans, and identifying trigger events and mitigating actions * Drove organisational change as part of the new data solutions roll-out, communicating project goals * Led people through structural, procedural & cultural change, securing buy-in for new ways of working
Regulatory/ Compliance Project Manager
Gambit Consulting

2020-06 - 2021-01

* Took the lead in the successful delivery of a Data Protection initiative across WTW (insurance organisation), introducing best practice for the new global data privacy, along processes and 'fit for purpose' new technologies.
* Acted as a 'trusted advisor' on data protection, IFRS and project delivery, engaging with senior-level stakeholders and building-up an accurate understanding for the business requirements for future services.
* Full project lifecycle management and delivery, including project planning, scope, budgeting & resourcing.
Key contributions and successes: * Leveraged Agile, Waterfall best practice, setting clear project delivery governance.
* Successfully implemented a key solution, including Data Protection, and IFRS projects.
Regulatory/ Compliance Project Manager
Westhouse Consulting

2018-05 - 2020-04

* Took the lead in the successful delivery of a Data Protection initiative across Expatica (insurance), introducing best practice for the new global data privacy, IFRS, along processes and 'fit for purpose' new technologies.
* Acted as a 'trusted advisor' on GDPR/ CCPA and project delivery, engaging with senior-level stakeholders and building-up an accurate understanding for the business requirements for future services.
* Full project lifecycle management and delivery, including project planning, scope, budgeting & resourcing.
Key contributions and successes: * Ensured all clients is compliant data protection project, IFRS and other regulation withing the timely delivery of project scope, quality and benefits/outcomes and ensured changes were fully embedded into BAU. Tracked project milestones, adjusting project plans & resourcing to meet requirements.
* Directing project plans, teamwork assignments, and monitoring ongoing work efforts * Utilised Agile, Waterfall best practice in the successful roll-out of data protection project, IFRS projects.
* Proactively identified changes in work scope & ensured appropriate planning measures were taken.
* Oversaw data protection project, IFRS transition projects, providing reporting metrics to executives on business case ROI.
* Analysed risk, establishing contingency plans, and identifying trigger events and mitigating actions.
* Drove organisational change as part of the new data solutions roll-out, communicating project goals.
* Led people through structural, procedural & cultural change, securing buy-in for new ways of working.
Early Career
Data Privacy Project Manager
ABB Consulting

2016-03 - 2018-04

Salesforce Project Manager
Cushman & Wakefield

2015-10 - 2016-02

Salesforce Project Manager

2015-05 - 2015-09

Post Office
ERP Project Manager
Ricoh Europe

2014-09 - 2015-05

PMO Lead/Business Analyst
London Hackney Council

2014-02 - 2014-09

PMO Analyst
Lloyds Banking Group

2013-02 - 2013-02

Global Senior PMO Analyst
Banque Populaire

2012-01 - 2013-01

Global Senior PMO Analyst
French Consulate

2010-01 - 2012-01

TLSContact - French Consulate Aug 2009 to Jan 2010 Global PMO Support Ugam Solution

Academic Background

MA in International HR Management
London Metropolitan University

2024-02 - 2011-01

BA (Hons) in Business and Management
London Metropolitan University

2024-02 - 2009-01

International Baccalaureate
Lycée International of Ferney

2024-02 - 2005-01

Certifications

* BC Software Testing Foundation (AMPG Certified), (International Software Testing Qualifications Board)
BC Software Testing Foundation (AMPG Certified), (International Software Testing Qualifications Board)
* Change Management, Agile PM, PRINCE2 (AMPG Certified), Scrum (Scrum Study)
Change Management, Agile PM, PRINCE2 (AMPG Certified), Scrum (Scrum Study)
* Business Continuity Management Certificate (ISO 22301 Certified)
Business Continuity Management Certificate (ISO 22301 Certified)
* GDPR EU Foundation Certificate (IBITGQ Certified)
GDPR EU Foundation Certificate (IBITGQ Certified)
Foundation Certificate
HIPAA

Contact contractor

/