Legal Counsel - Privacy

  • Job Reference: R0023383
  • Date Posted: 11 May 2022
  • Employer: Centrica
  • Website:
  • Location: Windsor, Berkshire
  • Salary: On Application
  • Bonus/Benefits: Bonus, Pension, Car Allowance & Benefits
  • Sector: Law
  • Job Type: Full Time

Job Description

Legal Counsel - Privacy

As a Legal Counsel, you will help to develop and deliver strategic risk-based advice to stakeholders across Centrica and help ensure we comply with our obligations under privacy and data-related laws.

The variety of the privacy-related work means that as a Legal Counsel, you'll need to be able to exhibit a highly flexible and inquisitive approach to how you deliver privacy and data protection work.

You should be confident managing a diverse set of stakeholders, be able to prioritise effectively and deliver high quality privacy work. You will have a strong understanding of UK Data Protection Act 2018, the UK GDPR, the EU GDPR and the UK PECR and ICO Data Sharing Code.

The Role:

  • Assist in the creation, maintenance and implementation of policies, processes and data inventories relating to processing of data

  • Deliver privacy and data protection support across the business including advising on data breach or security incidents

  • Assist the Head of Legal - Privacy and the Group Data Protection Officer (DPO) to drive greater awareness of data privacy across Centrica group companies and act as deputy DPO

  • Support our Commercial Legal, Procurement, and the InfoSec teams in the UK in reviewing, negotiating and advising on various types of data protection agreements

  • Assist the Head of Legal - Privacy and the Group DPO to oversee the data privacy risk framework which assesses and mitigates risk in all areas across the Group

  • Keep informed of industry-specific laws and regulations and ensure that appropriate risk management strategies are in place

  • Develop strong stakeholder relationships and networks within the function to support the delivery of objectives and the management of risk

The Person:

  • Professionally Qualified lawyer with demonstrable relevant experience

  • Experience of drafting contracts and negotiating data protection agreements

  • Experience in developing policy and privacy compliance training would be an advantage

  • A strong working knowledge of the UK GDPR, UK DPA and the PECR and a good understanding of other major privacy and data protection frameworks

  • Confident in interpretating and advising on regulatory and compliance requirements

  • A good comprehension of information technology and data management systems i.e. One-Trust would be beneficial

  • Exceptional interpersonal skills with proven experience in relationship building and partnering with stakeholders

  • Experience of working in a consumer facing, regulated industry and an understanding of wider regulatory pressures