Data Governance Manager

Job DescriptionKey ResponsibilitiesAdvise staff on data protection obligations under UK GDPR, the Data Protection Act 2018, and ISO standards.Lead privacy-by-design initiatives across projects and ensure data protection is embedded from the outset.Oversee compliance with data protection laws, internal policies, and certification frameworks.Conduct audits, maintain records of processing activities, and ensure corrective actions are implemented.Maintain and update data protection and security policies, including consent forms and data management plans.Deliver training and awareness programmes to ensure staff understand their responsibilitiesespecially in high-risk areas like HR, IT, and clinical research.Guide teams through Data Protection Impact Assessments (DPIAs) and advise on safeguards for sensitive data.Support breach response efforts, including containment, reporting, and post-incident reviews.Act as the primary contact for regulators (e.g., ICO) and coordinate responses to inspections and inquiries.Manage data subject rights requests and ensure timely, compliant handling.Represent the organisation in external partnerships, ensuring data protection requirements are clearly defined and upheld. Essential ExperienceProven experience as a Data Protection Officer or equivalent privacy leadership role.Deep knowledge of UK GDPR, the Data Protection Act 2018, and related data protection principles.Experience leading ISO27001 and ISO9001 certification activities.Familiarity with applying data protection in scientific research, healthcare, or not-for-profit settings.Understanding of information security standards (e.g., ISO/IEC 27001) and their intersection with privacy obligations.Comfortable engaging with regulators and managing high-risk data processing consultations.Experience working cross-functionally with legal, HR, IT, and research teams.Ability to establish and maintain a robust data protection compliance programme, including DPIAs, breach response, training, and vendor assessments.Strong grasp of technology systems and data management practices, including cloud services, databases, and analytics. Education & CertificationsBachelors degree or higher in Law, Information Governance, Data Security, or a related field.Certifications such as CIPP/E, CIPM, CISSP, or CISM are highly desirable. Skills & AttributesHigh integrity and independence; able to work autonomously with sound judgment.Exceptional attention to detail and accuracy in documentation.Strong communication skills; able to translate complex regulations into clear guidance.Analytical and problem-solving mindset with a methodical approach to compliance.Excellent organisational and project management capabilities.Resilience and discretion when handling sensitive information.Collaborative and influential; able to build trust across departments while maintaining an objective stance.

Created: 2025-11-03