Skip to main content

European Data Privacy Leader

Location: London, United Kingdom

Company: Marsh & McLennan Companies

Job ID R_078403-en

At Mercer, we make a difference in the lives of more than 110 million people every day by advancing their health, wealth, and careers. We’re in the business of creating more secure and rewarding futures for our clients and their employees — whether we’re designing affordable health plans, assuring income for retirement or aligning workers with workforce needs. Using analysis and insights as catalysts for change, we anticipate and understand the individual impact of business decisions, now and in the future. We see people’s current and future needs through a lens of innovation, and our holistic view, specialised expertise, and deep analytical rigor underpin each and every idea and solution we offer. For more than 70 years, we’ve turned our insights into actions, enabling people around the globe to live, work, and retire well. At Mercer, we say we Make Tomorrow, Today.

Mercer LLC and its separately incorporated operating entities around the world are part of Marsh & McLennan Companies, a publicly held company (ticker symbol: MMC) listed on the New York, Chicago, and London stock exchanges.

The European Data Privacy Officer will be a part of Mercer’s Compliance Team, supporting oversight of matters relating to Data Protection and Data Privacy in the UK, Ireland and Continental Europe. The role is based in London and will report into the Mercer Global Chief Privacy Officer, based in New York.  The role will support the direction of Privacy within MMC and Mercer and will be a strategic business partner with key stakeholders including MMC’s Global Chief Privacy Officer, MMC’s EMEA Chief Privacy Counsel, Mercer’s Global Chief Privacy Officer as well as regional Compliance Officers in the UK, Ireland and Continental Europe and the Health, Wealth and Career lines of business.

Core Role Responsibilities:

Working within the Legal & Compliance function, the role holder is expected to help to maintain a professional and well governed environment and to achieve compliance with data protection regulations in Europe with the following responsibilities:

  • Participate in the development and execution of the data protection and privacy programme strategy for Mercer that aligns to business goals and objectives. Together with the Global Chief Privacy Officer and Global Chief Information Security Officer, assist in strategic leadership on information security matters and incidents to ensure compliance with data protection laws and regulations.
  • Responsible for the implementation of the data protection and privacy programme across Mercer Europe including establishment of a privacy governance structure with responsibilities appropriately assigned to effect proper privacy by design, processing, data destruction and reporting; aaccountability frameworks; policy, operational and technical process & controls; training & awareness; compliance monitoring; incident reporting and ongoing regulator registration, where required. 
  • Create and maintain an inventory of data sources and processing within Mercer Europe which will include locations, consent/ legitimate purpose log, processing activity, retention, accountable owners.
  • Provide oversight over the ongoing roll-out of GDPR across Mercer in Europe and provide subject matter expertise within Mercer and within Marsh & McLennan (MMC) related to GDPR.
  • Manage external relationships within the privacy and information security professional network (e.g. IAPP, CIPIL, etc).
  • Assist the business with developing procedures, controls and protocols that enable and promote growth, simplicity, agility and empowerment as it relates to the data protection and privacy risks for Mercer in UK, Ireland and Continental Europe; provide advice and guidance to Mercer’s businesses in respect of ad-hoc queries and new projects; ensure that Privacy Risk Assessments are completed where the business seeks to undertake a new activity.
  • Provide advice and guidance to the business with regard to the use, collection, storage and deletion of personal data, including with respect of Data Subject Access Requests, Requests for information from law enforcement and requests for a witness statement following the provision of information.
  • Promote data protection awareness and a culture of personal responsibility through training and regular communications.
  • Provide management information to the UK and European Risk Committee and Management Leadership Teams in order to allow the assessment of risk performance and controls; support how data protection fits within the entity governance framework, attending meetings where required.
  • Collaborate with various colleagues in the legal, compliance and information technology in Mercer and MMC and information security in order to identify and control privacy risks.  Participate in cross Operating Company working groups as and when required.
  • Coordinate with other MMC functions to maintain effective data breach management processes.
  • Remain current with progress on European regulations and ensure Mercer is well placed to implement new requirements, and where needed that such requirements are built into policies and procedures.
  • Supervise UK privacy officer

Skills Requirements:

  • Extensive data protection and privacy experience.
  • Proven experience in developing and evolving data privacy strategies across multiple jurisdictions, preferably across pan-European operations.
  • Demonstrable in-depth knowledge of relevant data protection regulations in the UK.
  • A working knowledge of pan-European data privacy laws and regulations.
  • Experience in leading data privacy improvement initiatives at a corporate level.
  • Professional qualification in data protection/privacy (i.e. BCS/ISEB; CIPP/E; CIPM) is preferred.
  • Strong business presentation, written and communication skills.
  • Technically minded, with an ability to analyse data protection issues in the context of IT systems, web-based technologies and other media.
  • A proven relationship builder and influencer who can build strong networks and contacts, internally and externally.
  • Knowledge of privacy enhancing technology and automated controls.
  • Highly organised with a flexible approach to work.
  • Ability to develop strong “critical friend” relationships with key business, legal and technology stakeholders.
  • Data Protection management within an FCA regulated financial services firm would be an advantage.

At Mercer, we make a difference in the lives of more than 110 million people every day by advancing their health, wealth, and careers. We’re in the business of creating more secure and rewarding futures for our clients and their employees — whether we’re designing affordable health plans, assuring income for retirement or aligning workers with workforce needs. Using analysis and insights as catalysts for change, we anticipate and understand the individual impact of business decisions, now and in the future. We see people’s current and future needs through a lens of innovation, and our holistic view, specialized expertise, and deep analytical rigor underpin each and every idea and solution we offer. For more than 70 years, we’ve turned our insights into actions, enabling people around the globe to live, work, and retire well.
We embrace a culture that celebrates and promotes the many backgrounds, heritages and perspectives of our colleagues and clients. At Mercer, we say we Make Tomorrow, Today. Visit www.mercer.com for more information and follow us on LinkedIn and Twitter @Mercer.
Mercer LLC and its separately incorporated operating entities around the world are part of Marsh & McLennan Companies, a publicly held company (ticker symbol: MMC). Marsh & McLennan Companies offers competitive salaries and comprehensive benefits. For more information about our company, please visit us at: http://www.mmc.com/. We embrace a culture that celebrates and promotes the many backgrounds, heritages and perspectives of our colleagues and clients. We welcome people looking to return to work as well.  For more information, please visit us at: www.mmc.com/diversity.

Marsh & McLennan Companies & its affiliates aim to attract and retain the best people regardless of their gender expression or identity, marital and civil partnership status, ethnic origin, nationality, age, background, disability, sexual orientation or beliefs.

#LI-EO

Apply Later
  • Stay Connected

    Join our Talent Community and receive information on future opportunities.

    Sign Up

  • Saved Jobs

    You have not saved any jobs.

    See All Saved Jobs

  • Mercer Campus Careers

    Mercer offers many exciting and fruitful internship and entry-level positions.

    Learn more here

  • Leadership Recognition

    Dan Glaser, President and CEO, has been named to Institutional Investor magazine’s 2017 All-America Executive Team ranked as the #3 Overall CEO in the insurance industry, #3 with buy-side analysts and #2 with sell-side analysts.

  • Careers at Marsh & McLennan Companies