Our client is seeking an experienced Data Protection Officer to join their global Risk and Compliance and General Counsel team. This is a permanent, full-time position. The successful candidate will serve as the designated Data Protection Officer across all jurisdictions or support local officers where appointed. The role involves strategic oversight of data protection frameworks, risk management, compliance monitoring, and firm-wide training initiatives to ensure a strong culture of data protection.
Job Duties:
- Serve as the primary contact for all internal and external stakeholders on data protection matters
- Provide expert advice on data protection aspects of contracts, client terms, questionnaires, and regulatory queries
- Advise senior leadership and staff on data protection obligations and oversee responses to data subject rights requests
- Maintain and regularly review the firm's data protection framework, including policies, notices, templates, and clauses
- Monitor and audit internal policies and procedures to ensure alignment with evolving regulations and regulator guidance
- Maintain and update internal data processing protocols and data protection registrations
- Conduct internal risk assessments and support completion of Data Protection Impact Assessments (DPIAs)
- Establish and update the Record of Processing Activities (RoPA) in line with GDPR requirements
- Develop and conduct regular compliance monitoring reviews to identify risks and areas for improvement
- Manage induction and refresher training modules and deliver tailored training to staff and senior stakeholders
- Collaborate with teams across the firm, including General Counsel, IT, HR, Marketing and Project Management, to implement data protection measures
- Act as the key point of contact for regulatory bodies and data protection authorities
Job Requirements:
- Significant experience in compliance, legal, risk or control roles with a focus on data protection in a law firm or regulated services business
- Proven experience developing and delivering Board-level presentations and staff training
- Strong knowledge of UK and EU data protection regulations (including GDPR, DPA 2018, PECR), with awareness of Channel Islands and other international frameworks
- Track record of developing, assessing and reporting on data protection compliance frameworks
- Strong policy and report writing skills
- Ability to conduct horizon scanning and assess emerging legal and regulatory risks across jurisdictions
- Commercial awareness with a pragmatic approach to risk management
- Excellent verbal and written communication skills with the ability to convey technical information to non-specialist stakeholders
What You’ll Love:
Our client is a leading offshore law-led professional services business with a strong international reputation for advising high-profile financial institutions, corporates, and private clients. The firm fosters an inclusive and collaborative working environment, where each individual is valued and supported. With a clear commitment to personal development and an open, team-spirited culture, this is an exceptional opportunity to join a forward-thinking organisation committed to excellence.
Interested? Register today, confidentially, with one of our friendly and dedicated recruitment specialists by clicking here
