Senior Privacy Manager

Job Type:

Permanent

Build a brilliant future with Hiscox
 

Senior Privacy Manager (Hiscox Syndicates Ltd)

London based with hybrid working - min 2 days in the office per week
Reporting to the Head of Underwriting Standards and Governance

Hiscox is looking for a motivated, engaging and expert Senior Privacy Manager to work in our London Market Business Unit. You must have a strong grasp of Insurance gained from within an international Insurer or from Consultancy. In this role you'll be supporting our Syndicates / Big Ticket, Guernsey, Bermuda and Reinsurance businesses.

This role has a dual reporting line, fixed to the Head of Underwriting Standards and Governance for London Market and simultaneously a dotted line into the Group Data Protection Officer.

You will be the business facing member of the privacy team responsible for the deployment of the Group framework. This will include: training, awareness about privacy principles, promotion of best practice and ensuring fundamental data protection understanding. You will own and develop a plan to ensure the Group framework is fully integrated across HSL’s geographically dispersed and technically diverse business areas. Ensuring the thorough and successful deployment of privacy framework components from Group.

Additionally you will support the group-wide privacy framework refinement, feeding back developments or regulatory impacts from your business unit’s perspective to ensure global data protection, privacy, and data ethics coverage and obligations are met. Hiscox has an established and maturing framework to deliver privacy requirements that support our customers, employees, and partners data alike this is a great opportunity to work on leading technology initiatives (including Artificial Intelligence use cases, risks and challenges) across this portfolio of work.

For certain high profile projects, you will be engaged to represent a privacy perspective and ensure all requirements are met for good privacy outcomes.

Role requirements:

• Define, own and run the annual privacy plans for the London Market business
• Execute the annual privacy plans within London Market – including BAU advisory work and transformation activity with the framework itself i.e. Controls framework, DPIA templates, ROPA campaign structure, Privacy Notice and Policy review processes
• Ensure a good level of understanding of privacy across all ‘HSL’ lines of business, devising an awareness plan to ensure swift and effective engagement.
• Report on key privacy risks by function and work in conjunction with senior functional leaders on control refinement and deployment
• Review and advise on third party contractual matters in relation to Data Protection clauses
• Ensure and support the deployment of data ethics risk management framework including AI risk management and assessment templates, thought leadership materials and awareness work
• Support the automation of the Group wide privacy controls review process
• Support the further automation of the data incident reporting process with enhanced self-reporting capabilities and improving MI functionality
• Maintain a thorough understanding of privacy and data ethics regulatory requirements across the countries of operation, proactively identifying and reporting gaps
• Collaborate with external legal and technology partners, identifying efficiencies and opportunities
• Understand and adopt risk based approaches, three lines of defence operating and multi-jurisdictional target operating models
• Present and own scope requirements as part of annual budgeting cycle
• Lead privacy training programmes, ensuring foundational understanding key functions, review and advise on core Group-wide training content - identifying gaps for improvement
• Influence senior technology and data stakeholders where appropriate to implement new privacy frameworks

Technical knowledge: 

• Proven experience of data protection and privacy excellence gained in an insurance environment
• Consultancy, Legal or Privacy operational experience could be beneficial for this role
• Legal / Data protection qualification(s) (e.g. CIPP: Certified Information Privacy Professional certification and IAPP: International Association of Privacy Professionals membership)
• Expertise in global data protection laws, regulations, and practices
• An understanding of all OR a combination of: EU GDPR, UK Data Protection requirements, US state law privacy requirements, Bermuda data protection regulations (PIPA) and key legal developments in privacy globally (i.e. international data transfers)
• Solid and demonstrable understanding of risk management
• Experience of working alongside technology projects and confidentiality engaging IT counterparts 
• Understanding of AI developments and emerging technology risk
• Working knowledge of IT security, third party risk obligations and leading privacy / GRC software solutions

Skills:

• Seamless ability to multi-task, prioritise work effectively, meet deadlines, achieve goals, and work in a dynamic and complex regulatory environment
• Ability to communicate and influence with the highest levels of management, and other key senior stakeholders within the Group
• Analytical mindset able to work independently and pro-actively
• Ability to engage with functional teams in crisis management scenarios, maintaining perspective and calmness
• Ability to diagnose an issue, consider options, approaches and execute solutions impeccably
• Demonstrable record of building controls
• Experienced communicator and influencer who can collaborate with people at all levels
• Confidently makes choices in the best interests of the organisation and deals constructively with resistance or negative reactions from others
• Ability to work in multiple time zones and the flexibility to support US colleagues in EST time zone as required
• Ability to effectively follow strategy and relates decision making to company values
• Adopts and owns assignments with authority, enthusiasm, and a can-do attitude
• Actively seeks and promotes improvements
• Genuine interest in emerging technology, regulatory landscape, and key subject matter areas

About Hiscox
As an international specialist insurer we are far removed from the world of mass market insurance products. Instead we are selective and focus on our key areas of expertise and strength - all of which is underpinned by a culture that encourages us to challenge convention and always look for a better way of doing things.
We insure the unique and the interesting. And we search for the same when it comes to talented people. Hiscox is full of smart, reliable human beings that look out for customers and each other. We believe in doing the right thing, making good and rebuilding when things go wrong. Everyone is encouraged to think creatively, challenge the status quo and look for solutions.
Scratch beneath the surface and you will find a business that is solid, but slightly contrary. We like to do things differently and constantly seek to evolve. We might have been around for a long time (our roots go back to 1901), but we are young in many ways, ambitious and going places.
Some people might say insurance is dull, but life at Hiscox is anything but. If that sounds good to you, get in touch.
You can follow Hiscox on LinkedIn, Glassdoor and Instagram (@HiscoxInsurance)

Diversity and flexible working at Hiscox
At Hiscox we care about our people. We hire the best people for the job, and we’re committed to diversity and creating a truly inclusive culture, which we believe drives success. We also understand that working life doesn’t always have to be ‘nine to five’ and we support flexible working wherever we can. No promises, but please chat to our resourcing team about the flexibility we could offer for this role.

#LI-AS1

#LI-Hybrid

Work with amazing people and be part of a unique culture