Privacy Officer

Kick-start your career in the online gaming world and experience the very latest in technology and innovation.

The Department:

The Data Privacy team will sit under the Group Legal department, ultimately reporting into the Group General Counsel, and is responsible for ensuring compliance with global Data Privacy Regulations across the Super Group. We identify risks associated with Data Privacy Regulations across the Group and advise the business on appropriate controls to effectively treat those risks. We always put data protection compliance first to help the business design and implement controls to protect the brand from those risks and provide testing and monitoring capabilities to report on the effectiveness of these controls to senior management. We take a pragmatic approach to risk management ensuring that inherent risks are managed effectively to facilitate the business’ commercial objectives with innovative solutions in the spirit that “Everything is possible”.

Super Group aims to deliver “crystal clear compliance”, including Data Protection and Privacy, in an open and transparent manner whilst striving to be technologically innovative and leaders, rather than followers, in the online
gambling industry. In keeping with this, we ensure that the controls we implement are automated, as much as possible, and service the needs of the business by facilitating growth in a timely manner in a rapidly changing, fastpaced
and complex, challenging working environment.

The Data Privacy team is customer focussed and is here to protect our customers, and employees as well as to make decisions, give advice and deliver a service that protects and enhances the reputation of the company. Our work
requires vigilance, understanding, empathy and brand integrity along with a focus on the bottom line. We use the latest technologies to support us as much as possible, to aid the business in its core objectives.

Purpose of the role:

The Privacy Officer (Advisory) will support the delivery of the privacy programme across Super Group’s global business, as well as developing and promoting good personal data governance and a privacy-first culture within the business. They will support the Privacy Manager(s) in providing advisory services to nominated Group entities. They may also act as the Lead Advisor to specific entities, liaising with relevant key stakeholders and being actively involved in reporting to and advising the related Boards of Directors and Executive Committees for those entities as appropriate. They will be directly responsible for ensuring that advice and support to the business is provided in a pragmatic, timely and consistent manner not only to these nominated entities but across all group entities supported by the Privacy team as required. They will ensure that regular activity reports are provided to the Privacy Manager and that any required escalations to the Group Data Protection Officer are made in a timely manner.

You will be responsible for:

• Supporting the Privacy Manager(s) on providing advice and support to nominated Super Group / SGHC entities,

• liaising with relevant stakeholders across the business as appropriate

• Representing the Group Privacy Team at relevant nominated entities’ Committees and Board Meetings as

• appropriate

• Supporting other members of the Privacy Advisory team in providing services to their nominated entities as

• required to ensure timely and consistent services are provided across the Group

• Providing input to the development of Group-wide Privacy Frameworks, Policies, Procedures and Processes

• Monitoring compliance with the EU / UK GDPR, PECR and any other relevant data protection laws

• Providing input to the development, review and oversight of appropriate Group-wide policies and procedures for data privacy

• Provide support in ensuring privacy programme processes and procedures are established and adhered to across all brands, jurisdictions and offices

• Providing expert input into projects with regulatory impacts

• Creating and maintaining internal records and logs of control status, overall compliance levels, consent management and Records of Processing Activities

• Supporting the Privacy Manager(s) in ensuring that the nominated entities’ Register of Processing Activities are reviewed and updated on a regular basis

• Providing the business with commercially aware advice and support on data protection, based on expert knowledge and empirical evidence

• Being a key stakeholder and advisor in business wide projects

• Maintaining an expert knowledge of data protection legislation, regulations and best practice

• Maintaining strong knowledge of regulatory frameworks and risk treatment and mitigation strategies

• Supporting and advising the IT/IS teams to ensure we meet requirements of Article 32 of GDPR

• Providing support in ensuring that privacy related training and awareness is maintained across the business

• Providing expert input into the development of strategies and relationships to mitigate the risk of data processors employed by SGHC companies

• Reviewing and advising on privacy impact assessments to ensure privacy by design and privacy by default

• Being an escalation point for any security incidents affecting personal data

• Being a proactive advocate and brand ambassador of the Privacy Programme across the business and push for the delivery of its objectives, through training enhancements and privacy framework enhancements

• Assisting in ad hoc duties as and when required

This job description is not intended to be an exhaustive list of responsibilities. The job holder may be required to complete any other reasonable duties in order to achieve business objectives.

You will have (Essential criteria):

• Minimum of 3 years’ experience in a data protection role

• Previous experience in a privacy role in a multinational or global organisation (ideally for a predominantly online

• B2C business) Exceptional attention to detail & accuracy in all aspects of the role in high pressure and time constrained working environments

• Ability to create and document operational processes and procedures

• Experience in monitoring data protection controls and identification of risks

• Track record of delivering on a range of privacy programmes within a commercial environment

• Demonstrable experience developing, and delivering on, a strategic plan

• Experience in managing and reporting data breaches / incidents, and advising on remedial action

• Exceptional communication and influencing skills and ability to act as advocate for establishing the privacy programme throughout the business

• Knowledge of the Information Security or Cyber Security domains, whilst always putting Privacy first

• Proven ability to interface professionally and effectively with regulators, legal advisors & external companies

• Ability to provide commercially astute risked-based advice and recommendations for business

• Good working knowledge of industry standards such as ISO27001, NIST and SANS

• Privacy qualifications such as the CIPP/E and/or CIPM

It would be a bonus if you also have (Desirable skills):

• Strong knowledge of the online gambling industry

• Experience running a Working Group or Committee

• Good understanding of project and programme methodologies such as Prince2 and Agile

• Experience reviewing contracts

• Knowledge of wider regulatory requirements such as gambling regulation and money laundering

• Knowledge of auditing frameworks and international standards, such as ISO 27001 and PCI DSS

• Media trained and comfortable representing the business at external events

• Strong project management skills

• Ability to work effectively under pressure and to manage sensitive and confidential information
   

Personal qualities:

• Results driven

• Collaborative approach to work

• Flexible and creative approach to problem solving

• Willingness to learn and develop

• Resilient and assertive

• Energetic and personable

*Please note we will apply relevance to our Talent Management and Talent Development Programme as part of our recruitment process.

*Shortlisted candidates may need to complete an assessment.
 

This position requires trust and honesty it has access to customers financial details - therefore a credit and criminal record check will be conducted. The qualifications identified herein are an inherent job requirement; therefore, a qualification verification check will be done. By applying for this role, and supplying the necessary details, you hereby grant us permission to apply for these checks. This will be done in a confidential manner, and solely for the purposes of verification.

Should you not hear from us within 2 weeks, please deem your application as unsuccessful.

The perfect place to work, play and grow!