GRC Analyst - Data Protection

Hays Technology

Birmingham, United Kingdom

Last month

Applications closed

Related Jobs

View all jobs

SOC Analyst - 24/7 Secure Operations (Public Sector)

Hays Technology Winchester, Hampshire, United Kingdom

£250 – £300 pd On-site Clearance Required

Cybersecurity Governance (GRC) Manager

ISR Recruitment Qatar

£90,000 – £100,000 pa

Cyber Security Consultant

Marston Search Wolverhampton, United Kingdom

Governance, Risk & Compliance Lead

Spectrum IT Recruitment Dublin, City Of Dublin, Ireland

£77,691 – £86,324 pa On-site

Senior Cloud Security Architect

Softcat Manchester, United Kingdom

Senior Cloud Security Architect

Softcat Birmingham, West Midlands (county), United Kingdom

Posted: 30 Mar 2026 (Last month)

Save job

Create job alert

Applications closed

GRC Analyst - Data Protection & GDPR Compliance

Fixed Term Contract, 12 months - £45k - £50k

Location: Hybrid - Birmingham

Your new company:

I am looking to recruit a GRC Analyst, focusing on Data Protection and GDPR, to join a leader in the hospitality space, with the role focusing on GRC activities, with a strong focus on information security, privacy, and regulatory assurance across the organisation.

The role responsibilities:

This role focusses on data protection assurance and GDPR compliance, ensuring personal data is processed lawfully, and in line with regulatory and organisational requirements. Key parts of the role:

Reviewing how personal data is used across systems, business processes, and technology solutions.

Identifying opportunities to reduce, anonymise, or eliminate personal data processing where it is not essential to business needs.

Support the review, development, and rollout of information security and data protection policies.

Contribute to the management of information security, third party, and privacy risk registers.

Assist with internal and external audits, including GDPR assurance, PCI DSS, and financial audits.

Track remediation of identified security, privacy, and compliance issues to ensure timely closure.

Support incident and breach response activities, including investigation, documentation, and follow up actions.

You will need:

Strong understanding of GDPR, the UK Data Protection Act, and privacy and security control requirements.

Experience working in GRC, information security, data protection, supplier assurance, or a related compliance role.

Ability to interpret and assess technical and organisational controls.

Strong analytical skills with excellent attention to detail.

Confident written and verbal communication skills, able to engage across legal, technical, and operational teams.

Experience contributing to incident or breach investigations.

Ability to manage multiple competing priorities and constructively challenge established processes.

Minimum 3 years' experience in a relevant role.

CIPP/E, CIPM, CompTIA Security+, or BCS Practitioner Certificate in Data Protection, desirable.

What you'll get in return:

Salary of between £45k-£50k

Hybrid working

Company discounts

A pension contribution matched at 1.5x, up to 5%.

Private healthcare, dental plan, cycle to work, and keep-fit schemes.

26 days annual leave plus bank holidays.Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Apr 9, 2026

Products

Where to Advertise Cyber Security Jobs in the UK (2026 Guide)

Advertising cyber security jobs in the UK requires a different approach to most technical hiring. The candidate pool is small, heavily vetted and in high demand across government, financial services, critical national infrastructure and the private sector simultaneously. Many of the strongest candidates hold active security clearances, are not actively job-searching through general platforms, and move primarily through specialist networks and trusted referrals. General job boards reach a broad audience but lack the specificity that security professionals expect. Specialist platforms, government-affiliated channels and cleared candidate networks each serve a different part of the market. This guide, published by CybersecurityJobs.tech, covers where to advertise cyber security roles in the UK in 2026, how the main platforms compare, what employers should expect to pay, and what the data says about hiring across different role types.

Mar 24, 2026

Jobs

Penetration Tester Jobs in the UK: What Employers Actually Want in 2026

The demand for skilled professionals in cyber security has never been higher, and penetration testers sit at the very heart of this rapidly evolving industry. As organisations across the UK continue to digitise their operations, protect sensitive data, and defend against increasingly sophisticated threats, the need for ethical hackers has grown dramatically. If you are considering a career in this field—or looking to advance within it—it is essential to understand what employers are really looking for in 2026. This guide breaks down the current expectations, required skills, certifications, and practical experience that can help you stand out in a competitive job market.

Mar 11, 2026

Jobs

SOC Analyst Jobs UK 2026: Salaries, Skills & How to Get Hired

Cyber security is one of the UK's fastest-growing career paths — and SOC analyst is where most people begin. It's in high demand, genuinely accessible, and you don't need a degree or years of experience to get started. But knowing what UK employers actually want in 2026 — what they pay, which certs matter, and how to stand out — is a different matter. This guide covers all of it.