Job Overview

This role plays a critical execution role within the team, delivering high-quality data protection documentation & assessments with sound judgement and minimal supervision. This role is responsible for translating regulatory and policy requirements into clear, defensible, and practical outcomes across a steady volume of work; supports complex privacy cases, contributes to service consistency, and helps uplift overall quality through example and collaboration.

Key Responsibilities

• Support business in performing end-to-end RoPA documentation and data protection assessments (DPIA, LIA, SPA, TIA) in line with regulatory requirements, internal standards, and service expectations
• Assess data protection risks and recommend proportionate and pragmatic mitigation measures
• Translate regulatory, legal, and policy guidance into operationally usable assessments
• Handle moderately complex or sensitive processing activities independently
• Support higher-risk or ambiguous service requests escalated by junior colleagues
• Escalate material risks or unresolved uncertainties appropriately
• Contribute to continuous improvement of templates, guidance, and assessment practices

Key Capabilities/Experience

• Strong knowledge of core privacy principles and regulatory frameworks.
• Solid experience with data protection assessments, vendor risk assessments, data breach assessment, and DSR handling.
• Strong analytical thinking and attention to detail.
• Effective communicator able to work with cross-functional teams
• Confidence engaging stakeholders and clarifying privacy positions

Minimum Qualifications

• 5–7 years of hands-on data protection / privacy compliance experience
• Background in technology, information security, risk management, or legal
• Privacy training or certifications (CIPM, CIPP/E, CIPP/US, CIPT, CDPSE).
• Experience with privacy tools (preferred)