Data Protection and AI Governance Business Partner
Job Description
Job Title: Data Protection and AI Governance Business PartnerContract Type: PermanentSalary: £ 37,115.62 Per Annum (£41,023.00 Per Annum is achieved after 12 months successful performance in the role)Working Hours: 35 Hours per weekWorking Pattern: Monday - Friday, HybridLocation: LiverpoolIf you share our values and are excited about making a significant impact at Riverside, please ensure you attach a current CV and covering letter. At Riverside we recruit to potential not just on skills and experience, so we encourage you to apply even if you don't meet all the essential criteria on the job description.
Please note that whilst we will accept applications on the basis of any form of valid legal permission to work in the UK, we will be surrendering the Riverside Sponsorship licence, so for the avoidance of doubt, we are unable to apply for any further sponsorships whether on behalf of existing colleagues or candidates.
The difference you will make as a Data Protection and AI Governance Business Partner
To partner with business functions to provide expert administrative support and guidance to the Group to support compliance with data protection and privacy under the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), Privacy & Electronic Communication Regulations 2003 and associated legislation The role will report directly to the Lead Data Protection Business Partner, who will provide advice and guidance and assist in training and development.
About you:
We are looking for someone with:
• 3+ years of demonstrated experience in a data protection/information governance focused role.
• Understanding of Data Protection and other associated legislation
• Good level of IT skills and literacy
• Proficiency in Microsoft 365 Applications
• Excellent written and verbal communication skills
Why Riverside?
At Riverside, we’re a housing association with a difference – enhancing the everyday for all our customers. For 90 years, we’ve been revitalising neighbourhoods and supporting communities by providing the homes they need to live full, fulfilling and rewarding lives.
We have a portfolio of over 75,000 affordable residential and retirement homes across the UK. Our work ranges from homelessness services to social care, employment support to retirement living, and we need the best people on board to help us.
Working with us, you’ll enjoy:
• Competitive pay & generous pension
• 28 days holidays plus bank holidays
• Flexible working options available
• Investment in your learning, personal development and technology
• A wide range of benefits
Diversity and Inclusion at Riverside:
We are inclusive. At Riverside, we value diversity in all its forms. We foster a workplace where all individuals are respected, empowered, and heard. Our commitment to inclusivity drives our success and enriches the lives of our customers and colleagues.
Riverside is a Disability Confident Employer and operates a Guaranteed Interview Scheme for any applicant who declares they have a disability. If the applicant meets the minimum requirements for the role (as set out in the role profile and/or person specification) they will be guaranteed an interview.Applications may close before the deadline, so please apply early to be considered
Role ProfileData Protection:
• Support the Group Head of Data Protection, Transparency and AI Governance and the Lead Data Protection and AI Governance Business Partner in the execution of their duties
• Administer and manage all statutory records held by the Data Protection & AI Governance Team relating to data protection, AI Governance and associated legislation, including mailboxes.
• Administer all data breaches and information rights requests received including retrieving data, reviewing, redacting and applying exemptions on behalf of the Group Head of Data Protection, Transparency and AI Governance and within strict statutory deadlines.
• Champion information rights, providing clear and coherent guidance to colleagues, customers, partners and suppliers.
• Provide support and guidance for the data protection impact assessments (DPIAs) process within the Group.
• Act as first point of contact within the Group for queries relating to data protection and associated legislation.
• Provide practical second line advice, guidance and support to all relevant areas to the Group.
• Support the review of relevant contracts (data processors, information sharing agreements, etc) for the Group to ensure data protection compliance.
• Assist in the preparation of papers for the relevant committee/board meetings.
• Produce relevant management information for the Group, including breach reporting, key risk reporting and compliance with statutory timeframes.
• Prepare the renewal for relevant registration/subscriptions e.g., Information Commissioners’ Office.
• Plan, coordinate and develop regular, timely and relevant internal data privacy communications via appropriate channels.
• Support business functions in developing control frameworks that deliver compliance with the DPA and FoIA.
• Assist in maintaining the register of processing activity for the Group.
• Provide input into the testing of business functions compliance with Policy and processes –thematic reviews, conformance and assurance programs and audit.
• Promote continuous improvement in compliance with all DP, FoIA and compliance matters.
• Work collaboratively with colleagues who have other Information Governance responsibilities.AI Governance
• Contribute to the development and implementation of the groups AI governance framework and best practices across the Group
• Maintain up-to-date records of all AI systems, projects, models, and third-party engagements across the Group
• Support the documentation and cataloguing processes for AI initiatives, ensuring accuracy and completeness.
• Advise on appropriate organisational controls to support AI governance, including the use of designated tools and technologies.
• Advise on potential reputational, cultural, economic, legal, and regulatory risks associated with AI systems and applications.
• Participate in AI risk classification, assessment, and mitigation activities as directed by the Head of AI Governance/Lead Business Partner
• Conduct due diligence and risk evaluations for AI initiatives involving external vendors or partners.
• Assist in the completion of regular reports and dashboards on AI compliance, risks, and performance metrics for leadership review.
• Assist in developing and delivering training programs on AI ethics, governance, risk, and compliance to internal stakeholders.
• Promote awareness of responsible AI practices across the Group
• Collaborate with internal and external stakeholders to support responsible AI practices and knowledge sharing.Cross Team Working
• Assist in driving cohesion between the DP team and other functions in the Group Information Governance function
• Support the Group Head of Data Protection, Transparency and AI Governance to ensure that the team acts as a true second line of defence
• Ensure excellent service for all colleagues and customers when providing advice, support and lessons learntOther
• Role model, champion and embed Our Riverside Way and ways of working, collaborating with colleagues across the business to achieve the Riverside aspired culture.
• Comply fully with all Group policies and procedures including the standing orders and financial regulations.
• Comply with and champion the Equal Opportunities and Diversity Policy.
• Comply with the Data Protection Act (all employees will not disclose or make use of for their private advantage any information held on record which is not available to the public).
• Carry out any other reasonable duties as required.Other Information
• The Group has offices across the UK and on this basis, there will be the requirement to travel to other locations to effectively perform this role.
• The role will be exposed to sensitive information; therefore, the role holder is expected to maintain levels of confidentiality at all times.
• To fulfil the requirements of this role, you will be required to work flexibly during the hours of operation.
• The role holder is expected to be committed to equal opportunities and to promote non-discriminatory practices in all aspects of work undertaken.
Person specificationKnowledge, Skills and ExperienceEssential
• 3+ years of demonstrated experience in a data protection/information governance focused role.
• Understanding of Data Protection and other associated legislation
• Good level of IT skills and literacy
• Proficiency in Microsoft 365 Applications
• Excellent written and verbal communication skills
• Stakeholder Management
• Demonstrate self-motivation
• Have good analytical skills with attention to detail
• Ability to work under pressure and meet deadlines
• Ability to prioritise workload and demonstrate good organisational skills
• Be proactive in setting goals and achieving deadlines
Desirable
• Experience in a highly regulated sector
• Experience in Relevant certifications (such as CIPP/E, CIPM, AIGP, PC.dp, BCS, completed DP LV4 apprenticeship)
• Experience in AI Governance and/or AI Ethics
• Good level of AI Literacy, utilising generative/agentic AI
• Customer focused