Data Protection & Information Officer
Location: Nationwide (with occasional travel to regional offices and Dublin HQ) - 3 days in HQ or regional office/2 days remote work.
Reports to: Board Secretariat and Compliance Manager, with a secondary reporting line to the CEO
Contract Type: Full-time, Permanent
Overview
An opportunity has arisen for an experienced Data Protection & Information Officer to join a statutory body with a national remit focused on environmental protection and sustainability.
This role is central to ensuring the organisation meets its significant privacy, data protection, and information governance obligations, in line with legislative and regulatory standards. The position also oversees the management of Freedom of Information (FOI) and Access to Information on the Environment (AIE) services.
The Role
Reporting directly to the Board Secretariat and Compliance Manager, the successful candidate will play a key role in implementing data protection strategy, ensuring compliance with GDPR and related legislation, and supporting organisational transparency and accountability.
Key Responsibilities
Data Protection
- Advise on obligations related to the processing of personal data under GDPR and other data protection legislation.
- Monitor and report on organisational compliance with data protection laws.
- Provide guidance on conducting Data Protection Impact Assessments (DPIAs) within a Privacy by Design framework.
- Maintain a current and compliant record of processing activities (RoPA).
- Act as the primary liaison with the Data Protection Commission.
- Serve as the contact point for all data protection queries, data subject rights requests, and data breach incidents.
- Develop and deliver staff training, policy updates, and awareness initiatives.
- Promote adherence to data retention and records management policies.
- Lead on the completion of key data protection projects and the delivery of the organisation's 2026 Data Protection Strategy.
- Liaise with ICT and procurement teams on tenders involving personal data processing.
- Oversee privacy compliance for digital assets, including cookie management.
- Review and monitor implementation of new data-driven initiatives, including body-worn camera systems.
- Ensure compliance with obligations under the Data Sharing and Governance Act 2019.
Information Governance
- Manage and maintain Freedom of Information (FOI) and Access to Information on the Environment (AIE) processes.
- Oversee the processing and logging of Data Subject Access Requests (DSARs).
- Provide or coordinate relevant training and updates to maintain statutory compliance.
- Ensure all compliance information published online is accurate and up to date.
- Monitor annual GDPR awareness training completion across all staff.
- Implement assurance measures to maintain stakeholder confidence in governance practices.
Secretariat Support
- Provide administrative and compliance support to the Board Secretariat and Compliance function as required.
- Participate in relevant cross-government networks, including the Civil Service DPO Network.
- Act as Secretariat for internal compliance and AI steering groups.
Key Requirements
Essential
- A recognised third-level qualification (minimum NFQ Level 7) or equivalent.
- Minimum 3 years' experience in a similar or related compliance, data protection, or governance role.
- Full Category B driving licence (valid in Ireland) and willingness to travel to regional offices when required.
- In-depth understanding of data protection law, GDPR, and FOI/AIE legislation.
- Proven track record in managing compliance programmes and monitoring organisational adherence.
- Experience developing and delivering data protection and compliance training.
- Strong communication and stakeholder engagement skills, including experience presenting to senior management.
- Excellent attention to detail, organisational ability, and process-driven mindset.
- Proficient in Microsoft Office with strong IT literacy.
- Ability to prioritise effectively in a dynamic environment and demonstrate sound judgment and discretion.
Desirable
- Qualification in Compliance, Data Protection, Governance, Legal, or Business.
- Experience within a public sector or State agency context, ideally familiar with the Code of Practice for the Governance of State Bodies.
