Data Protection Project Manager (fixed term contract)

We’re looking for a proactive and delivery-focused Data Protection Project Manager to lead the implementation of a robust governance and compliance framework across the organisation. This is a hands‑on role, ideal for someone who’s ready to roll up their sleeves and deliver meaningful, tangible outputs.

The role will focus on foundational data protection work, embedding key operational procedures and processes aligned to the ICO Accountability Framework, with immediate impact across the business. You’ll also support broader compliance areas including PCI‑DSS, carbon reporting, and audit readiness.

This role is a 3-month fixed-term contract.

• A data protection and compliance specialist with hands‑on experience implementing governance frameworks, not just managing them.
• Strong ability to operate independently and deliver at pace in a project environment with tight timelines.
• Experienced in interpreting regulatory requirements (e.g. GDPR, UK DPA, ICO) and translating them into real‑world, operational processes.
• Skilled in documenting policies, responding to incidents, and managing subject access and vendor risk requests.
• Confident in working with senior stakeholders and cross‑functional teams to define and implement compliance policies and procedures.
• A natural problem‑solver with excellent communication and stakeholder engagement skills.
• Experienced in audits, data mapping, DPIAs, and tools that support compliance functions.
• Ideally familiar with data protection regulations in the UK, EU, and US.

• Deliver and embed the core data protection governance framework, working closely with business leaders and the Group Data Protection Officer to align with the ICO Accountability Framework and embed it into daily operations.
• Support the wider compliance function by collaborating with the Group-level Senior Compliance Officer to ensure consistent application of standards.
• Draft and implement essential data protection policies, operational procedures, and incident response plans, including clear protocols for escalation, investigation, and reporting. Ensure all documentation meets both legal and Group-level requirements.
• Own and manage incoming compliance and audit queries, coordinating responses to internal and external audits. Work cross‑functionally with Legal, People, IT, Retail, Sourcing, and Operations teams to gather evidence and deliver responses accurately and on time.
• Establish and manage the Data Protection Mailbox, clearing existing backlogs, setting up an efficient triage and escalation process, and tracking all activity for audit‑readiness.
• Learn and document existing business processes from internal stakeholders, identifying gaps and opportunities for improvement. Translate these into practical, privacy‑aligned procedures that are clear, repeatable, and easy to follow.
• Lead the delivery of key compliance activities, including Data Protection Impact Assessments (DPIAs), data subject access requests (DSARs), vendor and third‑party reviews, and data mapping updates. Maintain records such as ROPA, asset registers, and audit trails to evidence compliance.

• Competitive salary.
• Up to 65% employee discount.
• Access to exclusive sample sales.
• Aviva DigiCare+ wellbeing services.
• Medicash health support plan.
• Workplace pension contributions.
• Enhanced parental leave policies.
• Cycle to Work programme.
• Plus further workplace benefits.

If you want to start your story at Reiss as our Data Protection Project Manager, don’t miss out – apply now!

#WeAreReiss

We recognise the importance and power of diversity within our business and, as such, we ensure that our people processes are fair, transparent and promote equality of opportunity for all candidates.

It is our pledge that candidates will not be discriminated against on the grounds of gender, gender identity or expression, pregnancy, marital status, age, race, colour, ethnic background, nationality, disability, sexual orientation, religion, religious or similar belief. Every individual will be treated with respect.

We know that some people won’t apply for a role unless they feel they meet all of the requirements listed. We want you to know that finding people who will add to our inspirational culture and have a learning mindset is incredibly important to us. Even if you feel you don’t tick all the boxes, we’d still like to hear from you.