Job Description

Description
The post holder will work in the Assurance and Risk Management directorate in the Audit Team, providing support to the team leaders and lead auditors, primarily on:

* Data Protection Officer (DPO) audits: internal audits to assess NHS Digital's compliance to GDPR and Data Protection legislation and its own internal policies
* Data Sharing Audit (DSA) team, external audits of data recipients (e.g. universities, NHS trusts, local authorities, charities and commercial organisations) to ensure they are meeting the terms of our data sharing agreements and that data we share is protected.

Practical experience of auditing, information governance and information security is required for this role. Experience of remote auditing would be an advantage, though training will be provided if not. Knowledge and experience of working within the health and social care sector is advantage.

Required Knowledge, Skills, and Abilities

* Educated to postgraduate, diploma/degree level or equivalent * Auditor qualification, e.g. ISO 9001 (Quality Management Systems), ISO 27001 (Information Security), ISO 20000 (Service Management), Certified Information Systems Auditor (CISA) or Internal Auditor qualification e.g. Certified Internal Auditor or equivalent1) Audit experience 2) Knowledge of IG record management 3) GDPR and information security background 4) Data protection legislation knowledge 5) NHS / Healthcare experience (desirable)