Data Protection Information Governance Manager

6 months contract with a Local Authority

The Data Protection and Information Governance Manager will lead and develop Dudley Metropolitan Borough Councils approach to information governance ensuring compliance with national and European data protection legislation.

This senior role within the Finance & Legal Directorate will provide expert professional advice on all matters relating to data protection privacy and information management while shaping and delivering the Councils Information Governance strategy.

The post holder will work closely with senior management and elected members to drive high standards of compliance risk management and corporate assurance.

• Lead develop and implement the Councils Information Governance and Data Protection strategies policies and procedures.
• Provide professional advice and guidance to senior management elected members and service areas on GDPR UK GDPR Data Protection Act 2018 and related legislation (including PECR).
• Act as the Councils subject matter expert on all data protection and information governance matters.
• Manage data protection impact assessments (DPIAs) information risk assessments and incident management processes.
• Oversee the delivery of training and awareness programmes on data protection and information governance across the organisation.
• Monitor compliance with legal statutory and policy requirements producing reports and recommendations for improvement.
• Manage corporate information governance projects ensuring that deadlines and quality standards are met.
• Provide assurance to the Corporate Information Governance Team (CIGT) and contribute to the wider transformation and digital innovation agenda.
• Ensure compliance with financial regulations managing relevant budgets effectively to deliver best value.

• Substantial experience working with senior management on strategic and complex data protection or information governance issues.
• Proven track record in developing and managing corporate Information Governance frameworks and policies.
• Expert knowledge of GDPR UK GDPR Data Protection Act 2018 and PECR.
• Experience of implementing and managing data protection programmes within a large public-facing organisation.
• Demonstrated ability to manage corporate projects and a varied work programme effectively.
• Strong understanding of information security principles and IT systems relevant to data management.
• Excellent communication skills able to translate complex technical issues into plain language for diverse audiences.
• Experience of working with public sector stakeholders including elected members.

The closing date : 16 / 11 / 2025.

Degree-level qualification (or equivalent experience) and relevant professional data protection certification (ISEB / BCS or equivalent).

Commitment to Continuous Professional Development (CPD).

Location : Dudley.

Enhanced DBS is required.