Data Protection Officer (DPO)

  • Location


  • Sector:

    Financial Services

  • Job type:


  • Salary:

    Salary to be discussed at interview

  • Contact:

    Ashleigh Taylor

  • Contact email:

  • Published:

    about 1 year ago

  • Expiry date:


  • Client:


Job Description: Data Protection Officer (DPO)

Job Title: Manager

Level: III-IV (Depending on experience)

Department: Management & Finance

Reporting to: Chief Financial Officer

Job overview             

The DPO is responsible for overseeing the firm’s data protection strategy and implementation to ensure compliance with data protection regulatory requirements

Basis    3-4 days per week, tbc

The job is based in London but the successful candidate may be able to work from home up to 2 days a week. They will need to be in the office part of the time in order to work with Investment Managers.

Main tasks:

  • To inform and advise management and employees of their obligations to data protection  regulation;

  • To oversee the subject access request and breach reporting process;

  • To maintain an inventory of the firms personal data processing activities;

  • To implement and operate a risk based GDPR compliance monitoring programme to check compliance with data protection regulation and with the firms internal data privacy policies;

  • To raise staff awareness and coordinate training for staff involved in processing personal data;

  • To monitor and advise on data protection impact assessments; 

  • To act as a contact point with the Information Commissioners Office; and

  • To provide regular updates to the firm’s Operational Risk Committee on matters relating to data protection compliance; 

The DPO shall in the performance of his or her tasks have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing.

The DPO may perform other duties however these other duties must not result in a conflict of interest.


  • Work within the regulatory and the firm’s compliance framework

  • To cooperate with requests from the Information Commissioners Office

  • Maintain own professional competence through training and course work

Personal Conduct

Ensure that the firm’s clients and staff are always treated fairly and responsibly, with respect and consideration.

Qualifications, skills, experience and competencies needed

Essential:    Must hold, or be prepared to obtain, Certified GDPR practitioner certificate (or equivalent) – this can be achieved with a 4 day course

Advantageous:    Professional qualification in IT, law, compliance, risk or audit

Academic/Other Skills Required:

Educated to degree level

  • Well organised
  • Excellent written and verbal communications skills
  • Ability to maintain required standards when working under pressure
  • Good attention to detail and ability to work with minimal supervision
  • Good IT skills, especially Excel spreadsheets
To Apply:
Click on the link below and upload your CV and covering letter.