Data Protection Officer

Job Ref:

Job Title:
Data Protection Officer

Dundrum - Dublin 16

Closing date:
Close date not set

Vacancy Description


Founded in 1710, we are a 300-year-old organization that is empowering people to put the right things in place to prepare them for their future so that they can live a more fulfilled life free from worry and anxiety.

Built on resilience, expertise and human empathy, we provide insurance that makes people’s lives easier. We learn from our experiences and build on our strengths every day to deliver the best products and services in the market. We are always searching for the best protection for our customers with our extensive range of Commercial and Personal Lines products driven by our network of Insurance brokers, scale partners and via our brand.

With a global footprint, we have leading positions in Scandinavia, Canada, the UK, Ireland and Middle East. In Ireland, we have offices in Belfast, Galway and Dublin, where we empower our people work flexibly to suit their needs and those of our customers.  We know that if we plan for tomorrow, we can truly make a positive impact on people’s lives today. 

Looking to the future

In order to be there for our customers during their greatest challenges we are looking for like-minded individuals who will embrace our strategy:

Our Vision — our ambition:
Prepared to make the difference

Our Mission — how we will live our vision:
Harnessing human expertise with agile technology

Our Purpose — why we go to work every day:
To empower people

Our Values — our DNA:
Love simplicity, Better every day, Do the right thing, Boundless ambition

We’re looking for people that are open, engaged, curious and striving to make a real difference – not only in their own lives – but in the lives of those around them.

Culture and Community

Culture and community is a key priority within our organization.  We strive to create a diverse and vibrant workforce where everyone feels valued and everyone’s voice is heard. 

In RSA and career progression is nurtured and performance is recognized. We help people move forward in life that’s why we put steps in place to encourage our colleagues to learn, adapt and grow.

We cultivate an open and transparent culture where people can be their true selves. RSA and support a stimulated workforce where individuals feel more fulfilled in their role and more comfortable in who they are as a person. Most importantly, we care about our environment and the communities around us.

We support programmes and events that give back and enhance the lives of the vulnerable and those in need. We have a dedicated Corporate Responsibility programmes that facilitates new ways of thinking to help reduce our carbon footprint, protect our planet for future generations and give back to our communities.


Data Protection Officer

This role involves managing all aspects of the RSA Data Protection Policy to ensure that RSA continues to comply with its Data Protection Requirements and obligations under GDPR. A key part of this role will be to manage the relationship with the Data Protection Commissioner.

The role requires ensuring all key stakeholders are kept informed of material issues relating to Data Protection compliance. An important part of the role will be to work closely with the business to ensure appropriate implementation of an effective Data Protection culture across all parts of the business including RSAII, 123 and RSANI.

There is a significant advisory and business partnering component with all parts of the organisation together with significant interactions with Board Risk Committee members, Executive Team Members and External stakeholders.

The role also includes management and oversight of Data Protection Risk Incident reporting process, ensuring appropriate root cause analysis and remediation activity is undertaken by the business and that the control environment is strengthened as a result. The role plays an important part in developing and evolving the company’s risk culture. The role will play a key part in the successful delivery of RSAII’s data and digital strategies.


Key Responsibilities:

  • Day to day responsibility for ensuring that the Standards and Controls necessary for compliance with the Data Protection Policy are developed and maintained.
  • Develop an approach for training and awareness across the organization
  • Provide expert advice and guidance to the business on data protection regulations, requirements and controls.
  • Monitor compliance with Data Protection requirements across all RSA businesses through the Compliance Monitoring Process
  • Maintain the Data Privacy Impact Assessment (DPIA) document and process.
  • Maintain the data breach notification process to notify the ODPC, and where appropriate, data subjects in the event of a material personal data breach.
  • Maintain documented procedures for handling Data Subject Rights (DSR) requests.
  • Undertake an annual review of the Data Retention Schedule.
  • Support the implementation of a Third-Party Management process for DP as defined by Head of Procurement
  • Delivery of suite of Management Information on Data Protection activities
  • Work with Regulatory Compliance team to ensure the compliance plan includes reviews in relation to Data Protection compliance.
  • Report to CRO, ET and BRC on performance against DP related compliance reviews
  • Update and maintain the data inventory
  • Enhancing the culture of Data Protection Risk Incident reporting and root cause analysis on an ongoing basis within the business
  • Build a strong advisory and consultative capability within the Risk Function focused on the Internal Control Framework particularly with respect to Data Protection
  • Participation in appropriate Data Protection forums within Intact.



  • The jobholder will be office based in the Dublin but may be required to travel to the Galway, Belfast and /or the UK occasionally
  • 6 years plus relevant experience in a compliance environment
  • Expertise in national and European data protection laws and practices including an in-depth understanding of the GDPR;
  • Understanding of the data processing operations carried out by an Insurance Company;
  • Knowledge of the Insurance sector and the organisation; and
  • Ability to promote a data protection culture within the organisation


Regulatory Requirements:

  • Data Protection requirements are subject to change, and the role holder is responsible for maintaining an up to date understanding of the data protection environment.
  • This role is subject to the Fitness and Probity Standards (“The Standards”) , issued under Section 50 of the Central Bank Reform Act 2010 and any subsequent amendments. The role holder must ensure they are fully aware of the Standards and in a position to fully comply with them at all times.
  • Awareness of regulatory requirements for the business (e.g. GDPR, eprivacy regulations.) 


RSA Insurance Ireland DAC and its affiliate companies consider applicants on the basis of qualifications and without regard to race, colour, religion, sex, national origin, age, marital or veteran status, sexual orientation, disability or any other legally protected status.


Visit Amris