Senior Research Analyst / Research Analyst – Privacy, Ethics & Data Protection

 

Trilateral Research is a UK and IE-based SME, founded in 2004. Our team collaborates across social sciences and technology development to bring insights from each into supporting data-driven innovation. We provide research, advisory (e.g., policy) and technology development services to private and public-sector organisations internationally. We have over 15 years’ experience of leading and participating in European and nationally funded research projects and collaborating on tenders.

To support our continued growth, we have several positions open in the Applied Research & Innovation group. The candidates will be expected to work on projects in both the public and private sectors, with a focus on social science. The successful candidates should have expertise in legal (particularly privacy and data protection), ethical and/or social considerations across a number of sectors and issues, including:

  • Policing and crisis and disaster management
  • Border security
  • Human factors and cybersecurity
  • Smart clothing

Please note that expertise in only one of those sectors, or only related ones, does not preclude applicants from applying. Expertise in technology ethics, privacy-by-design (including experience with Privacy Impact Assessments) or information security would be a plus.

The post-holder will be expected to liaise with project partners and clients across the EU and internationally and deliver high-quality research and project outputs in a collaborative environment in which short and demanding deadlines are frequent. The projects include travel. The post holder will also be required to contribute to business development and experience writing tenders and proposals for research grants would be desirable.

Specific job responsibilities include:

  • Performing research work related to current projects, writing reports or sections of reports and developing other deliverables as required to fulfil contractual obligations.
  • Researching and writing content for grant proposals and tender submissions.
  • Writing content for peer-reviewed journal articles and book chapters, as part of projects, or as an outgrowth from projects.
  • Carrying out empirical research and contributing to the preparation and writing of deliverables.
  • Attending and/or presenting at conferences, meetings and workshops, involving occasional travel in Europe.

Qualifications:

  • Candidates will have a PhD (or near completion) or, exceptionally, a Master’s degree related to one or more of the fields mentioned above.
  • Candidates should have strong, demonstrable writing skills and preferably will have already published papers in peer-reviewed journals.

In return, you get …

  • A competitive salary
  • Flexible working hours / remote working options
  • A supportive and friendly team
  • An opportunity to shape policy at EU level and beyond, technology development and advance discourse
  • A chance to engage with partners from all around Europe

 

Location: Ireland or other EU Member State (multiple positions), remote working options

Salary: Commensurate with experience

Hours: Full Time

Contract Type: Fixed Term or Permanent

 

We are an Equal Opportunities employer and positively encourage applications from suitably qualified and eligible candidates, regardless of their age, sex, race, disability, sexual orientation, gender reassignment, religion or belief, marital/civil partnership status, or pregnancy and maternity. We are a Disability Confident committed and Living Wage employer.

 

To apply, please send your cover letter and CV to info@trilateralresearch.com. All applications should be marked specifically as “Position for Applied Research & Innovation group”. We will process on a rolling basis.

MENTORING

Benefit from our interactive mentoring programme throughout your career at Trilateral, where you will learn from some of the brightest minds in the field, who will support you to integrate seamlessly into the organisation and take the next steps in your professional development. We set growth targets interactively and provide support and encouragement to enable you to discover and realise your professional goals.

IMPACT

We have demonstrable experience in working with partners and clients to transform research into innovation and sustainable impact. If you’re interested in making a tangible impact with your work, we’ll set the foundation and pathway.

Find out about our people and culture, and see how our mission drives the projects we take on, the key data protection services we provide, and the products we develop.

INTERNSHIP & STUDENT PLACEMENT OPPORTUNITIES

Jumpstart your career with an internship at Trilateral Research. Our internship opportunities are open to students with a Master’s, MBA, and PhD in the UK, Ireland and Europe. We also collaborate with top Universities to offer student placement programmes.

Outsourced DPO

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Serve as your DPO

Company name and contact details transmitted to the ICO Company name and contact details available to:
  • Management
  • Employees
  • Data subjects
Article reference: 37

Contact point for data subjects

  • Contact data accessible on the websites and privacy notices
  • Function as the main public contact point (email & post)
  • Guide your organisation on the possible sources of data access requests.
Article reference: 38(4)

Contact point for Data Protection Authorities
(e.g. ICO)

Liaise with the ICO in case of issues with data subjects and data breaches.
Article reference: 39(1)(d), 39(1)(e), 36

Ad hoc advice on difficult data protection issues

Written opinions on data protection queries, with an analysis of relevant issues or other relevant legislative elements
Article reference: 39(1)(a)

Regular newsletter to inform and advise on relevant developments and possible challenges in data protection

Newsletter containing the latest regulatory news and compliance guidance, and news concerning conferences and training opportunities
Monthly
Article reference: 39(1)(a)

Annual gap analysis

Audit and gap analysis to map new activities and data-processing practices
Virtual
Article reference: 39(1)(b)

Status discussion (via phone/skype) and report

Discussion and report
Every 6 months
Article reference: 39(1)(b)

Review of the privacy notices

Review of the privacy notices to ensure accuracy and advice on how to improve
Article reference: 39(1)(b)

Provide advice to the client organisation on how to carry on data protection impact assessments (DPIA) and to monitor their performance

We provide advice on:
  • Whether to carry out a DPIA
  • The best methodology to follow
  • Whether to carry out the DPIA in-house or to outsource it depending on the complexity
  • What safeguards (including technical and organisational measures) to apply to mitigate any risks to the rights and interests of the data subjects
  • Whether the DPIA has been correctly carried out and whether its conclusions are in compliance with the GDPR
Article reference: 39(1)(c)

Oversee the establishment and maintenance of the Record of Processing Activities

  • Contact point for the designated employee
  • Guidance on the Record, including provision of check-lists, best practices, and methodological advice
Article reference: 39

Provide guidance on data breach handling and reporting

  • Contact point for the responsible person
  • Contact point for the ICO
  • Advice on best practices for handling data breaches, including notification requirements, reporting and identification of measures to limit damage
Article reference: 33(3)(b)

Monitor the data-protection-training activities and advise on their necessity

  • Inclusion of a chapter on training in the status reports
  • Provision of news and updates on relevant conferences and training courses (newsletter)
  • Provision of training materials, where appropriate
Article reference: 39(1)(b)

Email and telephone assistance

-
Article reference: -

Bespoke notifications to management on critical legislative, judicial, or policy developments that may impact your business

Email notification with explanation of the development and a preliminary overview of the impact on the organisation
Article reference: 39(1)(a)

Training seminar on the developments of data protection law and policy

-
Article reference: -

Review of the consistency of the internal documents concerning data processing practices

Cross-check of the consistency of the internal documents
Article reference: 39(1)(b)

Weekend and holidays data breach guidance

Data breach guidance during the weekends and holidays
Article reference: -

DPO Assist

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Ad hoc advice on difficult data protection issues

Written opinions on data protection queries, with an analysis of relevant issues or other relevant legislative elements
Article reference: 39(1)(a)

Regular newsletter to inform and advise on relevant developments and possible challenges in data protection

Newsletter containing the latest regulatory news and compliance guidance, and news concerning conferences and training opportunities.
Monthly
Article reference: 39(1)(a)

Annual gap analysis

Audit and gap analysis to map new activities and data-processing practices
Virtual
Article reference: 39(1)(b)

Status discussion (via phone/skype) and report

Discussion and report
Annually
Article reference: 39(1)(b)

Review of the privacy notices

Review of the privacy notices to ensure accuracy and advice on how to improve.
Article reference: 39(1)(b)

Provide advice to the client organisation on how to carry on data protection impact assessments (DPIA) and to monitor their performance

We provide advice on:
  • Whether to carry out a DPIA
  • The best methodology to follow
  • Whether to carry out the DPIA in-house or to outsource it depending on the complexity
  • What safeguards (including technical and organisational measures) to apply to mitigate any risks to the rights and interests of the data subjects
  • Whether the DPIA has been correctly carried out and whether its conclusions are in compliance with the GDPR
Article reference: 39(1)(c)

Provide guidance on data breach handling and reporting

  • Contact point for the responsible person
  • Advice on best practices for handling data breaches, including notification requirements, reporting and identification of measures to limit damage
Article reference: 33(3)(b)

Monitor the data-protection-training activities and advise on their necessity

  • Inclusion of a chapter on training in the status reports
  • Provision of news and updates on relevant conferences and training courses (newsletter)
  • Provision of training materials, where appropriate
Article reference: 39(1)(b)

Email abd telephone assistance

-
Article reference: -

Bespoke notifications to the top management on critical legislative, judicial, or policy developments that may impact your business

Email notification with explanation of the development and a preliminary overview of the impact on the organisation
Article reference: 39(1)(a)

Compliance Support

See below a list of standard requirements for this service, however we are always available to tailor our services in relation to our clients' needs.

Contact us to discuss further.

Data Mapping

Map the data flows within your organisation to better understand how personal information flows between departments

Data Protection Impact Assessments

Where required by the GDPR or national law, conduct or review DPIAs using our library of good practices
Article reference: 35

Consent and Privacy Notice Requirements

Revise and improve consent and privacy notices to meet transparency and accoutnability requirements

Gap Analysis

Identify gaps in your organisation's compliance with the GDPR, national data protection legislation or sectoral legislation

Data Protection Audit

Audit your organisation's activities to assess your compliance with applicable data protection law

Data Protection-by-design and -default

Work with your technical and admin teams to operationalise Data Protection-by-design and -default, using established good practice
Article reference: 25

Training

We offer general, role-based (e.g., HR) and activity based (e.g., DPIA) training. All our training materials are designed to be accessible to non-experts and easy to use

General compliance support

Support for creating required documentation, including, but not limited to Records of Processing activities, Data retention (and deletion) schedules, Personal Data Breach procedures, Subject Access Request procedures, Training materials, Legitimate Interest Assessments, etc.)