Data Protection, Legal And Governance Officer

National College of Art & DesignDublinPart-timePermanent

Data Protection, Legal and Governance Officer

School/Unit: Corporate Services

Post Title: Data Protection/Legal/Governance Officer

Post Duration: 0.5 (FTE) - Permanent contract

Grade: Grade VII

Reports to: Head of Corporate Services/Registrar

Salary: NCAD Grade VII Salary Scale (€61,217- €79,583 *per annum) - €30,608.50 - €39,791.50 (Pro-Rata) *Candidates should note that as per Department of Finance guidelines, entry will be at the first point of the salary scale and the rate of remuneration may be adjusted from time to time in line with government pay policy. Candidates should note that different pay and conditions may apply if, immediately prior to appointment, the appointee is a serving civil or public servant.

Annual Leave: Annual Leave will be 14.5 working days per annum. This leave is exclusive of public holidays.

Hours of Attendance: Working hours will be 17.5 hours per week (net of rest breaks).

Location: This position is based at NCAD, 100 Thomas Street, Dublin

Role Purpose:

The Data Protection/Legal/Governance Officer (Grade VII, 0.5 FTE) will lead the College's compliance with the General Data Protection Regulation (GDPR) and the Data Protection Acts 1988–2018, while providing practical guidance on the College's wider legal and regulatory obligations. The post holder will act as the primary point of contact for data protection matters, maintaining records of processing activities, managing data subject access requests and breach responses and embedding privacy by design across academic and corporate services and will additionally advise on matters including Freedom of Information, contracts and agreements, procurement compliance, and statutory obligations under the Code of Practice for the Governance of State Bodies 2016. Given the part-time nature of the role, the post holder will prioritise matters of greatest legal and regulatory risk, ensuring day-to-day queries are addressed efficiently while identifying early those issues requiring escalation to external legal advisors, for whom they will prepare instructions and act as the College's liaison. Reporting to the Head of Corporate Services, the role combines regulatory expertise with sound judgement and pragmatic prioritisation, supporting the College in meeting its statutory obligations within a focused, half-time commitment.

Principal Duties and Responsibilities:

Data Protection / GDPR Administration

  • Act as first point of contact for day-to-day GDPR queries from staff, students and external parties, escalating complex matters as needed
  • Manage the College's Subject Access Request (SAR) process end-to-end, including logging, coordination of searches, redaction, and response drafting within statutory timelines
  • Maintain and update the Record of Processing Activities (RoPA), data processing agreements, and data protection impact assessments (DPIAs)
  • Support investigation and reporting of data breaches/incidents, including liaison with the Data Protection Commission where required
  • Draft and maintain GDPR-related policies (retention schedules, privacy notices, data sharing agreements)
  • Coordinate staff GDPR training and awareness initiatives
  • Support the College's designated Data Protection Officer (DPO) function, whether in-house or outsourced

General Governance/Security Support

  • Provide support to the Governing Body,
  • Assist with the maintenance of registers of interest, related party transactions, and conflict of interest declarations
  • Support internal and external audit processes relevant to governance and compliance
  • Track implementation of governance-related audit recommendations
  • Undertake any other such appropriate duties, which may be assigned from time to time by their Line Manager

Access Controls / Freedom of Information & AIE

  • Administer the College's Freedom of Information (FOI) and Access to Information on the Environment (AIE) request processes, including logging, coordination of searches, decision drafting, and statutory deadline management
  • Liaise with the Office of the Information Commissioner on appeals/reviews as required
  • Maintain FOI publication scheme and proactive disclosure logs
  • Advise on management practices that support timely and accurate responses to access requests
  • Undertake any other such appropriate duties, which may be assigned from time to time by their Line Manager

General Legal Support

  • Provide first-line support on routine legal and contractual matters (leases, procurement contracts, MOUs, licensing agreements), escalating to external solicitors or the Head of Corporate Services & Registrar as appropriate
  • Support statutory compliance monitoring (NCAD Act obligations, Charities Regulator filings where relevant, safeguarding/vetting legislative requirements)
  • Assist with legal correspondence
  • Support policy development across the compliance landscape (child protection/safeguarding, procurement compliance, whistleblowing/Protected Disclosures)
  • Undertake any other such appropriate duties, which may be assigned from time to time by their Line Manager

Selection Criteria

Selection criteria outline the qualifications, skills, knowledge and/or experience that the successful candidate would need to demonstrate for successful discharge of the responsibilities of the post. Applications will be assessed on the basis of how well candidates satisfy these criteria.

Mandatory Criteria

  • Minimum 2–3 years' relevant experience in a governance, compliance, data protection, or legal support role
  • Strong working knowledge of GDPR/Data Protection Act 2018, FOI Act 2014, and Irish public-sector governance requirements
  • Excellent drafting skills — policies, correspondence, board papers
  • High level of discretion, judgement and confidentiality
  • Strong organisational skills with ability to manage multiple statutory deadlines concurrently
  • Proficient in Microsoft Office (Word, Excel, SharePoint/records systems)

Desirable Criteria

· Experience working within the Higher Education (HEI) sector, particularly with awareness of HEA governance frameworks, the Code of Governance for State Bodies or equivalent statutory instruments

  • Qualification in Law; professional legal qualification (solicitor/barrister, qualified or part-qualified) an advantage

· Experience in or affinity with an Art and Design college / creative education environment, and sensitivity to studio-based, practice-led academic culture

· Certified Information Privacy Professional (CIPP/E) or similar data protection qualification

· Company Secretarial or governance-specific training (e.g. ICSA/CGI)

· Familiarity with Charities Regulator obligations and public-sector procurement rules

Please note that a panel may be formed for this position

Closing Date: 3rd August 2026

Follow us on Facebook and stay up to date with the latest jobs in Dublin!


Apply Now

Before you go

Get the latest jobs in Dublin by email

By creating a job alert, you agree to our Terms. You can unsubscribe from these directly within the emails or as detailed in our terms.

Continue to job
Need help? Contact us
Cookies, Privacy and Terms©JobAlert.ie  2026