This role plays a critical execution role within the team, delivering high-quality data protection documentation & assessments with sound judgement and minimal supervision. This role is responsible for translating regulatory and policy requirements into clear, defensible, and practical outcomes across a steady volume of work; supports complex privacy cases, contributes to service consistency, and helps uplift overall quality through example and collaboration.
Key Responsibilities
Support business in performing end-to-end RoPA documentation and data protection assessments (DPIA, LIA, SPA, TIA) in line with regulatory requirements, internal standards, and service expectations
Assess data protection risks and recommend proportionate and pragmatic mitigation measures
Translate regulatory, legal, and policy guidance into operationally usable assessments
Handle moderately complex or sensitive processing activities independently
Support higher-risk or ambiguous service requests escalated by junior colleagues
Escalate material risks or unresolved uncertainties appropriately
Contribute to continuous improvement of templates, guidance, and assessment practices
Key Capabilities/Experience
Strong knowledge of core privacy principles and regulatory frameworks.
Solid experience with data protection assessments, vendor risk assessments, data breach assessment, and DSR handling.
Strong analytical thinking and attention to detail.
Effective communicator able to work with cross-functional teams
Confidence engaging stakeholders and clarifying privacy positions
Minimum Qualifications
5–7 years of hands-on data protection / privacy compliance experience
Background in technology, information security, risk management, or legal
Privacy training or certifications (CIPM, CIPP/E, CIPP/US, CIPT, CDPSE).
