Data Protection Officer

Job Description

As the Data Protection Officer you will be responsible for the design and delivery of complex reviews to ensure the company is managing its regulatory requirements for the Data (Use and Access) Act 2025, Data Protection Act 2018, the UK General Data Protection Regulation (UK GDPR) and the Privacy and Electronic Communication Regulation (PECR).

A Key area of focus for the role is supporting colleagues in relation to all data protection related queries and incidents as well as ensuring that the company is appropriately compliant with the requirements of the Data Protection Laws and best practice. 

The DPO will set and drive the Group's Data Protection Compliance strategy, through the development and oversight of the Data Protection Compliance Framework and ongoing monitoring activities.

As the Data Protection Officer, we are looking for someone to:

• Inform and advise the organisation and its employees about their obligations to comply with the Data Protection Laws
• Monitor compliance with the Data Protection Laws, including but not limited to; managing internal data protection activities, reviewing and advising on Data Protection Impact Assessments, facilitating the training of all staff and conducting internal assurance audit
• Build and maintain a Data Protection Compliance Framework, including managing the subsequent activities required, e.g. managing personal data inventory, record of processing activities, DPIA's, Data Processors, data protection assurance audits, policy creation and management, risk and personal data control structures
• Be the first point of contact for the Regulator, and other supervisory authorities, and for individuals whose data is processed
• Liaise with key stakeholders in order to design and deploy appropriate data processor contracts and data protection policies, taking full account of all regulatory and legislative requirements
• Organise colleague Data Protection awareness and training. Ensure staff awareness of the organisations Data Protection Management and the requirements of the Data Protection Laws is maintained. 
• Be responsible for management of data protection incidents and act as an advisor to colleagues as a source of guidance
• Fulfill the obligations of Article 39 UK GDPR Statutory Obligations 
• Manage a team of 3 colleagues (1 Direct report)

Qualifications

Essential:

• Experienced Data Protection professional with substantial experience as a Data Protection Officer
• Excellent and effective communication, negotiation, influencing and interpersonal skills 
• Expertise in UK and EU data protection laws and an in-depth understanding of the UK GDPR
• Ability to demonstrate technical knowledge and awareness of current data management and communication technologies. 
• Experience of continuous improvement activity driving high performance

Desirable:

• CIPP/E
• CIPT
• CISM
• Advanced report writing experience

If you feel you have some of the skills mentioned above, but not all, please do still apply and we would be happy to have a further discussion with you in regards to your suitability for the role.

Additional Information

Together embraces diversity and inclusion, and are proud to be an equal opportunity workplace. Not only do we welcome difference – we celebrate it, support it and really value our colleagues for who they are. We are committed to building a team that represents a variety of backgrounds, perspectives and skills.

If you feel you'd benefit from any support or reasonable adjustments during any stage of the recruitment process, please don’t hesitate to let us know when completing your application. This information will be picked up by our team, so we can try and put steps in place to help you be at your best through this process.

Please note that all successful applicants will undergo relevant employment reference, financial and criminal record checks.