Data Protection Officer

  • Location
    Wembley, Greater London
  • Salary
    £ 50000 - £ 54000 / Year
  • Job type
  • Industry
    Public Sector and Government
  • External Reference
  • Category
    Public Sector - Housing

Job Title: Data Protection Officer
Reports into: Company Secretary
Direct reports: Data Protection Administrator x2
Department / Location: Governance, Wembley

Role Purpose:

  • Provide advice and guidance to the Network Group employees and customers on all the requirements of the GDPR and Data Protection Act 2018, monitoring GDPR trends and best practice across the sector, and keeping up to date with developments in GDPR and Data Practice legislation and its implication for the Network Group

  • Monitor the Group's data compliance

  • Be the point of contact for data subjects and for cooperating and consulting with national supervisory authorities such as the Information Commissioner's Office in relation to data protection matters

Key Responsibilities and Accountabilities

  1. Enable compliance with GDPR and foster a data protection culture within the organisation which encourages compliance by design and default on all corporate projects

  2. Drive implementation of essential elements of the GDPR, such as the principles of data processing, data subjects' rights, data protection impact assessments, records of processing activities, security of processing, and notification and communication of data breaches

  3. Provide leadership, guidance and support to the Data Protection Team

  4. Provide expert advice, guidance, and information to the organisation including senior management and the Board and those processing its data regarding their legal obligations

  5. Design and undertake comprehensive data audits so as to be able to provide assurance to Network Group management and Board on compliance with legislation and regulations

  6. Oversee the implementation of data compliance tools and ensure robust policies and procedures are in place to achieve consistent good practice across the organisation, and ensure the regular review and refresh of all GDPR policies and procedures

  7. Undertake confidential investigations in relation to data breaches as appropriate and make recommendations to the business on improvements or action relating to staff as necessary.

  8. Liaison with all parts of the business and stakeholders including Regulators so as to be able to manage and respond on data protection matters.

  9. Design and delivery of relevant training and communications on data protection matters to all stakeholders, including Network Group customers, to ensure the role purpose is achieved

  10. Maintenance of all GDPR registers and ensuring appropriate controls, policies, procedures and protocols are in place to ensure corporate compliance with these registers.

  11. Manage an associated budget for the group's data protection requirements.

Standard Responsibilities

Adopt and comply with Network values, policies and procedures, and regulatory frameworks including:

  • Data Protection Officer Date: March 2022

  • Code of Conduct

  • Health & Safety

  • Data Protection, privacy and use of IT resources

  • Regulatory standards and probity

  • Risks and internal controls framework

  • Human Resources policies and procedures

  • Equality and diversity

No role profile can cover every issue which may arise within the post at various times. The post holder is expected to carry out other duties from time to time, which are broadly consistent with those described.

Person Specification


  • An EU/UK accredited GDPR Practitioner qualification or Data Protection Officer accreditation

  • A good standard of education commensurate to the level of the job and the knowledge and skills required to do the job.

Knowledge and Skills Required

  • Relevant experience and knowledge of the requirements of being a Data Protection Officer within a business environment

  • Excellent analytical, organisational and administrative skills

  • Ability to exercise independent judgement and able to provide appropriate challenge to Officers and Managers on compliance with agreed policies and procedures

  • Practical understanding of project management including relevant experience of using Prince2 Project Management or equivalent tools/methodology

  • Ability of co-ordinate projects and people

  • Excellent organisation skills

  • Ability to communicate effectively including the use of negotiation and influencing skills

  • High levels of literacy, numeracy and IT

  • Experience of using Microsoft Office suite, Microsoft Project, Privacy Impact Assessment Framework and of designing process mapping.

Experience Required

  • Experience of managing staff and delivering objectives through a team

  • Experience of keeping up to managing and delivering on projects relating to data compliance or information governance

  • Experience of embedding policies and procedures applicable to customers both internal and external

  • Experience of delivering through a range of communication mediums

  • Experience of delivering training and presenting reports at meetings or events

Additional Information

  • A flexible approach is needed to meet business needs with occasional work outside standard hours

To speak to a recruitment expert please contact Naomi Thomas