Data Protection Information Governance Manager

• The Data Protection and Information Governance Manager will lead and develop Dudley Metropolitan Borough Council's approach to information governance, ensuring compliance with national and European data protection legislation.
• This senior role within the Finance & Legal Directorate will provide expert professional advice on all matters relating to data protection, privacy, and information management, while shaping and delivering the Council's Information Governance strategy.
• The post holder will work closely with senior management and elected members to drive high standards of compliance, risk management, and corporate assurance.
• Lead, develop and implement the Council's Information Governance and Data Protection strategies, policies and procedures.
• Provide professional advice and guidance to senior management, elected members, and service areas on GDPR, UK GDPR, Data Protection Act 2018, and related legislation (including PECR).
• Act as the Council's subject matter expert on all data protection and information governance matters.
• Manage data protection impact assessments (DPIAs), information risk assessments and incident management processes.
• Oversee the delivery of training and awareness programmes on data protection and information governance across the organisation.
• Monitor compliance with legal, statutory and policy requirements, producing reports and recommendations for improvement.
• Manage corporate information governance projects, ensuring that deadlines and quality standards are met.
• Provide assurance to the Corporate Information Governance Team (CIGT) and contribute to the wider transformation and digital innovation agenda.
• Ensure compliance with financial regulations, managing relevant budgets effectively to deliver best value.

• Substantial experience working with senior management on strategic and complex data protection or information governance issues.
• Proven track record in developing and managing corporate Information Governance frameworks and policies.
• Expert knowledge of GDPR, UK GDPR, Data Protection Act 2018, and PECR.
• Experience of implementing and managing data protection programmes within a large, public-facing organisation.
• Demonstrated ability to manage corporate projects and a varied work programme effectively.
• Strong understanding of information security principles and IT systems relevant to data management.
• Excellent communication skills - able to translate complex technical issues into plain language for diverse audiences.
• Experience of working with public sector stakeholders, including elected members.
• Degree-level qualification (or equivalent experience) and relevant professional data protection certification (ISEB/BCS or equivalent).
• Commitment to Continuous Professional Development (CPD).

Dudley.

Enhanced DBS is required.