Corporate Services Risk and Data Protection Manager

Howden is a global insurance group with employee ownership at its heart. Together, we have pushed the boundaries of insurance. We are united by a shared passion and no‑limits mindset, and our strength lies in our ability to collaborate as a powerful international team comprised of 23,000 employees spanning over 56 countries.

People join Howden for many different reasons, but they stay for the same one: our culture. It’s what sets us apart, and the reason our employees have been turning down headhunters for years. Whatever your priorities – work / life balance, career progression, sustainability, volunteering – you’ll find like‑minded people driving change at Howden.

Howden Group has always been a company with a difference – with employee ownership at its heart and clients at the front of its mind.

Founded in 1994 as a specialist D&O broker, and from the modest beginnings of our first five years reaching into Europe, we are now the largest European insurance intermediary group in the world and the largest outside the US, with over £3bn in revenue and managing premiums of more than £30bn.

The Group comprises Howden Broking, the international challenger insurance & reinsurance broker, DUAL, the largest international MGA and the Howden Group Services division which helps to support all of our operations globally. We are a group of international experts with a local touch and a digital backbone.

With operations in 55 countries across the UK and Europe, Asia Pacific, the Middle East, Africa, the US and Latin America. With circa 25,000 employees from Berlin to Brisbane, and growing, Howden Group has grown over the last quarter of a century as the group challenging the status quo for clients every day and in every market in which we operate.

We’re looking for a Data Protection & Risk and Control Manager to work within our Group Services division to help drive forward, and support, some of our most challenging and interesting Personal Data related projects.

Howden Group Services (HGS) is a central division of the Howden Group that provides a wide range of central services to the organisation worldwide – these services include (not exhaustive):

• Information Technology (IT)
• Human Resources (HR)
• Finance
• Corporate Services
• Company Secretarial
• Risk & Compliance
• Data Management & AI

Corporate Services is a function sitting within HGS, providing services such as Facilities Management, Procurement, Business Continuity and Health & Safety.

Given the current growth of the business, and its divisions/functions, as well as its ongoing journey to improve its Risk & Control maturity, we are looking for a Data Protection & Risk and Control Manager to join an exciting dynamic company to help support and drive forward our Risk & Compliance agenda.

Whilst the role will be responsible & accountable for Data Protection compliance for the HGS division, it will sit within and report to the Corporate Services function and will support that function with developing and embedding its Risk & Control framework.

The role holder will be responsible for managing general Data Protection & Risk matters in line with the Group’s strategy and in accordance with applicable policies and procedures.

The role holder will be required to liaise regularly with Risk & Compliance leads across the organisation as well as updating the Group Risk and Group DPO functions.

The role holder will assist with more general BAU matters relating to risk management and data protection compliance such as new projects, contract reviews, DPIA’s, & DSAR’s and support the Business and Corporate Services teams as they embed their control framework.

The role requires a confident, self-starter, who can engage and interact well with our colleagues from across the organisation, and who can apply a risk‑based and proportionate approach to these areas of Risk & Compliance.

• Manage Data Protection compliance generally across all of HGS, with support and direction from the Group DP Office.
• Establish processes to ensure adequate oversight of compliance posture.
• Feed into the group reporting structure and attend key committees.
• Help to continually raise awareness of risk management, data protection, and support training staff and internal audits.
• Assist with BAU matters such as risk assessments, ROPA development, contract reviews, DSAR’s, vendor due diligence, breach management, ICO registrations, data security, AI, Data Analytics & develop the current ‘champions’ network.
• Assist with change activities such as the roll‑out of central data processing platforms particularly in relation to Group IT, Group Data and Group HR.
• Collaborate with other business Data Protection SME’s to share best practice and support the wider Howden group with its strategic initiatives.
• Other activities as necessary.

• Lead and assist the Corporate Services function with assessing its compliance with Group Controls & lead and guide on remediation.
• Work & collaborate with the Group Risk function to identify, develop & embed an appropriate ERM control framework.
• Work closely with the Group Risk Team and the Business and Corporate Services leadership teams to develop an Internal Control Framework for each of the core functions.

• Ability to interact well and influence others, especially in a highly agile environment.
• Ability to provide risk‑based advice.
• Leadership skills achieving stated objectives involving a diverse set of stakeholders and managing varied projects.
• Negotiation skills to interface successfully with key internal and external stakeholder.
• Communication skills to speak with a wide-ranging audience.
• Self‑starter with ability to gain required knowledge in dynamic environments.

• Experience within a Data Protection compliance field, to include supporting a data protection program within a complex and enterprise‑wide organisation.
• Experience developing and managing an Internal Controls framework, within a complex and enterprise‑wide organisation.
• Detailed knowledge of UK and European data protection law, and knowledge of data protection law in other jurisdictions would be advantageous.
• Knowledge of SOX would be advantageous.
• Insurance or Financial Services experience preferred.

A career that you define. At Howden, we value diversity – there is no one Howden type. Instead, we’re looking for individuals who share the same values as us:

• Our successes have all come from someone brave enough to try something new.
• We support each other in the small everyday moments and the bigger challenges.
• We are determined to make a positive difference at work and beyond.

We're committed to providing reasonable accommodations at Howden to ensure that our positions align well with your needs. Besides the usual adjustments such as software, IT, and office setups, we can also accommodate other changes such as flexible hours* or hybrid working*.

If you're excited by this role but have some doubts about whether it’s the right fit for you, send us your application – if your profile fits the role’s criteria, we will be in touch to assist in helping to get you set up with any reasonable adjustments you may require.

*Not all positions can accommodate changes to working hours or locations. Reach out to your Recruitment Partner if you want to know more.

Permanent