Provide support to the G DPO to help shape the design, implementation, and continuous improvement of the organisation's data privacy framework.
Monitor compliance with data privacy legislation, policies, and internal controls.
Maintain and oversee RoPA , DPIAs , LIAs and associated documentation.
Develop and implement data privacy policies, standards, and guidance.
Identify , evaluate, and mitigate privacy risks across business functions.
Lead and oversee DPIAs, TIAs, and high ‑ risk processing assessments.
Advise on new initiatives, digital transformation programmes, and vendor engagements to ensure privacy by design and default.
Ensure third-party vendors comply with the organisation's data privacy requirements.
Lead the response to personal data breaches, including assessment, containment, remediation, and notification obligations to regulators and data subjects.
Ensure effective root cause analysis and drive systemic improvements.
Serve as a trusted advisor to first line business areas and other functions, such as L egal, I nformation S ecurity, HR, M arketing, and P roduct teams.
Review contracts and data privacy clauses in conjunctions with P rocurement and L egal teams.
Provide expert advice on international data transfers and cross ‑ border processing.
Develop and deliver privacy training, workshops, and awareness campaigns.
Promote a privacy ‑ first culture across the organisation.
Oversee processes related to data subject rights requests (DSRs), including access, rectification, and erasure requests.
Ensure efficient handling of subject rights requests within statutory timelines.
Coordinate compliance with applicable data privacy laws and guidance issued by regulators such as the Information Commissioner's Office.
Manage responses to regulatory enquiries, investigations, and audits.
Develop and maintain policies covering data retention, lawful processing, and international data transfers.
Maintain records of processing activities as required under data privacy legislation.
Act as a key point of contact with regulators, external auditors, and data subjects where required .
Prepare regular reports for senior leadership, risk committees, and the G DPO.
M entor data privacy analysts and privacy specialists.
Support the strategic development of the data protection function.
P rovide management information on a regular basis to demonstrate compliance for relevant business units and highlight any compliance gaps . This includes preparation of monthly KRIs.
Horizon scan for changes to data privacy laws / regulations that could impact the business and raise these with the GDPO .
Monitor regulatory developments and assess their impact on organisational operations.
Working groups - attend and contribute where required .
Provide cover for other members of the DP T eam as required .
Skills and experience required:
Strong knowledge of applicable data privacy laws, e.g. UK GDPR, EU GDPR, DPA 2018, PECR/e-Privacy, and relevant industry standards.
Proven experience of conducting operational day-to-day data privacy tasks, DPIAs, incident response, and regulatory interactions.
Excellent communication, influencing, and stakeholder management skills.
Ability to interpret complex legislation and translate into practical business advice.
Recognised data privacy qualification is preferrable but not essential, such as CIPP/E, CIPM, CIPT, BCS Data Protection, or equivalent.
We offer lots of great benefits! Some of which include:
Competitive salary and annual discretionary bonus
25 days annual leave plus bank/public holidays, as well as an annual option to buy up to 5 additional days of annual leave
Training opportunities as well as clearly defined career progression
Health cash plan - employer funded cover to enable you to claim money back on essential healthcare costs, including dental, optical, physiotherapy and many more. Cover also includes unlimited access to a 24/7 virtual GP service
Attractive company pension scheme
Life assurance - employer funded cover of 4x basic salary
Dedicated online benefit portal offering access to saving and lending facilities, financial wellbeing and support services:
Salary Finance - access to savings and borr
Benefits
Health insuranceDental insuranceFlexible schedulePerformance bonus
Additional Information
Senior Data Protection Analyst
Location : Flexible on location with visits to our office in Wimbledon as and when required.
Salary: Permanent
Contract: Full Time
We have an exciting opportunity for Senior Data Protection Analyst to join our Risk & Compliance team here at Domestic & General. The role plays a pivotal role in supporting and strengthening the organisation's data protection and privacy compliance framework.
The role focuses on implementing and maintaining operational data protection processes, conducting data privacy risk assessments, supporting regulatory compliance, and ensuring that personal data is processed in accordance with relevant legislation including the UK General Data Protection Regulation.
Domesticandgeneral · Wimbledon, UK