Data Protection Officer

Job Ref:

Job Title:
Data Protection Officer

Dundrum - Dublin 16

Closing date:
Close date not set

Vacancy Description

Join RSA and make a difference every day. 

 Whether you are just beginning your career or looking to take the next progressive step in your journey, RSA Insurance Ireland is an organization where you can be yourself, learn and develop and a place where your ideas and contributions matter.  

With offices in Belfast, Galway, and Dublin, we have embraced hybrid work empowering our people to work flexibly and to suit their individual needs, which enables them to deliver great service to the customers we look after every day. Our Dublin office is also home to our sister-company        

At RSA and we empower our customers to make a difference in their lives. And the same goes for our employees. We are proud to have 32 different nationalities represented in our workforce. Our diverse customer base benefits from the diverse perspectives of our teams that serve them, solving complex problems with creative ideas. 

 As proud member of the Intact family, we’re part of something bigger with a presence in North America, the UK, and Europe. Our business has grown organically and through acquisitions to over $21 billion of total annual premiums. 

We want you to thrive and grow with us – and we’ll give you all the tools, flexibility and learning opportunities you need to do it.

 And, if you bring your best, then we promise to give you, our best. 


Culture and Community 

 RSA is a purpose-driven business – our purpose is to ‘help people, businesses, and society prosper in good times, and be resilient in bad times’.  

 We do that by living our values – Integrity, Respect, Customer-driven, Excellence, and Generosity – in everything that we do. 

 We provide an open and honest workplace – where everybody contributes, and every view is listened-to and respected.  

 Generosity is in our DNA and is the value that guides and enables our people to help others, protect the environment and make our communities more resilient. It drives our efforts to care for people and to give our time, financial resources and talent. We’re also committed to helping society adapt to a changing climate taking reasonable care to ensure that our business activities are conducted in an environmentally sustainable manner.  


Our stats don’t lie… in our annual engagement survey  

87% of our people celebrate the diversity in their teams and the wider company  

90% of our people feel safe to speak up and share if they’ve made a mistake  

91% of our people feel valued and respected by leadership  

89% of our people are benefiting and thriving through our hybrid working model 


So if you want to make a difference every day, we’d love to have you. 


Data Protection Officer

This is a dynamic and varied role, supporting RSA to comply with its Data Protection Requirements and obligations under the GDPR and data protection law. As the role covers Ireland and Northern Ireland, it gives the role holder exposure to data protection in different countries. There is a significant advisory component with all parts of the organisation together with interaction with Board Risk Committee members, Executive Team Members and external stakeholders and regulators.

The role requires ensuring all key stakeholders are kept informed of material issues relating to Data Protection compliance. An important part of the role will be to work closely with the business to ensure appropriate implementation of an effective Data Protection culture across all parts of the business including RSAII, 123 and RSANI. The role also includes management and oversight of Data Protection Risk Incident reporting process and the Data Subject Rights process.

The role will play a key part in the successful delivery of RSAII’s data and digital strategies and overall business strategy. The role holder also has responsibility for organising the Emerging Risk Committee, giving the role holder exposure to wider stakeholders and variety in role.


Key Responsibilities:

  • Day to day responsibility for ensuring that the Standards and Controls necessary for compliance with the Data Protection Policy are developed and maintained.
  • Provide advice and guidance to the business on data protection regulations, requirements and controls.
  • Develop an approach for training and awareness across the organisation.
  • Monitor compliance with Data Protection requirements.
  • Point of contact for data protection regulators
  • Provide advice and guidance on Data Privacy Impact Assessments, Legitimate Interests Assessments and Data Transfer Impact Assessments
  • Maintain the data breach notification process to notify the appropriate regulator, and where appropriate, data subjects in the event of a notifiable personal data breach.
  • Oversight of Data Subject Rights (DSR) requests (supported by a direct report)
  • Support the implementation of a Third-Party Management process for data protection, including data protection input into supplier contracts.
  • Delivery of suite of Management Information on Data Protection activities
  • Oversight and completion of assurance reviews in relation to Data Protection compliance
  • Report to CRO, Executive Team, BRC and the wider Group on data protection matters.
  • Enhancing the culture of Data Protection Risk Incident reporting and root cause analysis on an ongoing basis within the business
  • Build a strong advisory and consultative capability within the Risk Function with respect to Data Protection
  • Organising the Emerging Risk Committee


  • The jobholder will be office based in the Dublin but may be required to travel to the Galway, Belfast and /or the UK occasionally.
  • 10 years plus relevant experience in a compliance environment, with exposure to data protection matters.
  • Expertise in national and European data protection laws and practices including an in-depth understanding of the GDPR.
  • Understanding of the data processing operations carried out by an Insurance Company.
  • Knowledge of the Insurance sector and the organisation; and
  • Ability to promote a data protection culture within the organisation.



RSA Insurance Ireland DAC and its affiliate companies consider applicants on the basis of qualifications and without regard to race, colour, religion, sex, national origin, age, marital or veteran status, sexual orientation, disability or any other legally protected status

Visit Amris