This is a hybrid role with the need to be in the office 2 days per week.
Key Responsibilities for the Data Protection Manager
- Provide subject matter expertise to operational teams and other business areas across on data protection queries, including lawful bases for processing, data minimisation, retention, and consent.
- Support business initiatives, change programmes, and new product development by advising on data protection considerations and completing Data Protection Impact Assessments (DPIAs).
- Develop and deliver tailored training sessions and materials for operational teams, with content that can be adapted and shared across
- Ensure operational processes and procedures align with the organisations Data Protection Policy, UK GDPR, and other applicable data protection laws.
- Maintain and support the development of Records of Processing Activities (RoPAs), ensuring they are accurate and reflective of both operational and wider organisational practices.
- Contribute to the development and implementation of data protection standards and frameworks that apply across.
- Design and implement proportionate and effective controls to mitigate identified risks, ensuring they are embedded into day-to-day operations and scalable across the organisation
- Support the identification and assessment of data protection risks relating to AI tools or analytics used within Operations, contributing to AI-related DPIAs where required.
- Experience in a data protection, privacy, or compliance role within a regulated environment.
- Experience working within a First Line of Defence (1LOD) or operational risk function.
- Proven ability to advise on data protection risks in business processes and projects.