By Simon McDougall, ICO Executive Director for Technology and Innovation

22 October 2019

The ICO is a varied and exciting place to work.

On any given day, our employees might be investigating the potentially unlawful use of personal information to sell people goods, services or even political messages, or considering the privacy implications of emerging technologies such as facial recognition and artificial intelligence.

They might be taking action against organisations responsible for data breaches, nuisance calls or excessive delays to freedom of information requests, or liaising with our counterparts overseas on international policy developments.

We have significantly expanded our permanent workforce over the last two years but we are also keen to increase the variety and number of people who join us on temporary secondment from other organisations.

Secondments help support the ICO’s varied and influential work by bringing in specialist expertise, fresh thinking and new ways of looking at or doing things.

They are also of real benefit to the people who join us – and their permanent employers.

Secondees gain new knowledge, skills and experience from working at the ICO which will not only improve their own personal expertise and boost their CVs but will also make them better and more valuable employees when they return.

There may even be a reputational benefit for organisations whose staff are considered suitable to work with us, and we welcome direct contact from employers willing to second members of their staff to the ICO.

Secondees can be from the public, private or third sectors and we are looking for people from a range of backgrounds to work in all areas of our business.

This could include experts in policy, legal, cyber-security, audit, investigations, international relations, IT, information governance, communications, customer service, finance, organisational development, research and grants or project management.

Prior experience in the legislation we oversee is always desirable - but not essential - and we are happy to consider people with a wide range of expertise, and a passion for what they do.

At this moment in time, we are especially keen to recruit in my directorate, the Technology Policy and Innovation Service. Exploring and predicting future privacy challenges is an ever more vital part of our work, and so we are looking for technical specialists with knowledge and experience in:

  • Cybersecurity;
  • Artificial intelligence;
  • Adtech;
  • Privacy enhancing techniques, such as anonymisation, pseudonymisation, differential privacy, and homomorphic encryption;
  • Biometric technologies;
  • The Internet of Things, including areas such as smart cities and smart speakers;
  • Connected and autonomous vehicles; and
  • Horizon scanning – with the ability to identify and evaluate emerging technologies and assess their potential impact on information rights.

We are also particularly looking for policy specialists, project managers and people with experience of audits and risk management.

We would typically expect a secondment to last between six and 24 months, although in some circumstances we would consider shorter periods. Secondees retain their parent organisation’s terms and conditions but must sign a confidentiality agreement, a code of conduct and declare any political affiliations.

So if you are interested in a secondment at the ICO, discuss it with your employer first to ensure they support your application. Then visit the Secondment Opportunities page on our website or email a copy of your CV to secondments@ico.org.uk  and briefly outline the area that you are interested in. We are sure you would enjoy working for us and we will be happy to have you.

Case studies 

Name:
Ange Banks 

Permanent employer and job title:
Lloyds Banking Group - Senior Manager, Group Data Protection Office

Role at the ICO:
Policy Advisor in the Technology and Innovation Service

What has your work with us involved?
So far, I have been involved with the Sandbox Team, assisting with the review of risk assessments and data protection impact assessments, as well as reviewing DPIAs more broadly in terms of those sent to the ICO for prior consultation and those received as part of an investigation.

What particular expertise do you think you have brought to the ICO?
I think my background in risk management has been beneficial, especially in terms of the help I have been able to provide to the Sandbox Team. This has also been advantageous when reviewing DPIAs more broadly.

Although my experience is exclusively in financial services, many of the data privacy risks cut-across all sectors and having a naturally inquisitive mindset is always helpful!

And what have you learned from us?
It has (in the relatively short time I have been here) been great learning about the parts of the GDPR and DPA that don’t apply in the financial services sector and I am discovering a lot about the expectations of the regulator.

I have been fortunate so far to have met colleagues from the Policy function, Legal and Technical teams; listening to these ICO experts has been incredibly informative and insightful.

Have you enjoyed the experience and would you recommend it to others?
I have really enjoyed the experience so far and I can already see how this will benefit me personally, as well as my employer.  I would definitely recommend the opportunity to others, for all of the reasons above, and also because the culture and ethics of the organisation are second to none.

 

Name:
Vinay Chauhan

Permanent employer and job title:
The Financial Conduct Authority, Associate (Forensic Investigator)

Role at the ICO:
Intelligence officer 

What has your work with us involved?
Two main work streams were investigations into suspected breaches of UK data protection legislation and producing an intelligence report profiling a particular industry sector. Both involved co-operation on a cross-office and international level.

What particular expertise do you think you have brought to the ICO?
I was able to bring to the ICO some financial services sector-specific knowledge as well as investigations experience from another domestic regulatory authority.   

And what have you learned from us?
As well as learning to quickly upskill on data protection legislation from the brilliant in-house training, the secondment to the ICO allowed me to pick up new ways of working and learn different approaches to conducting effective regulation.

I also learned first-hand the importance and value of having close working relationships with international jurisdictions, especially so where regulatory landscapes align.

Have you enjoyed the experience and would you recommend it to others?

I immensely enjoyed my time at the ICO and the varied experience that I gained. I would without hesitation recommend it to anyone interested in working with data protection legislation.

 

Simon McDougall is Executive Director for Technology Policy and Innovation at the ICO where he is developing an approach to addressing new technological and online harms. He is particularly focused on artificial intelligence and data ethics.

He is also responsible for the development of a framework for auditing the use of personal data in machine learning algorithms.