Information Security Compliance Manager and Data Protection Officer (DPO)

Tiger Resourcing Group

London

On-site

GBP 125,000 - 150,000

Full time

4 days ago

Job summary

A leading firm is seeking an Information Security Compliance Manager and Data Protection Officer to oversee compliance with GDPR and other data protection standards. This role will involve developing policies, conducting audits, and engaging with stakeholders to ensure data privacy and security. The candidate must have strong expertise in information security compliance and a relevant compliance certification.

Qualifications

  • Strong knowledge of GDPR, ISO27001, and national data protection laws.
  • Experience in privacy law and data security.
  • Strong communication skills for regulatory engagement.

Responsibilities

  • Ensure compliance with GDPR and data protection laws.
  • Oversee Data Subject Access Requests (DSARs) and breach management.
  • Conduct internal audits and support external audits.

Skills

GDPR
ISO27001
Data Protection Laws
Cybersecurity
Data Governance
Privacy Law
Compliance
Data Security

Education

CIPP/E Certification
ISO 27001 Lead Auditor

Job description

Role Summary

Our client is seeking an Information Security Compliance Manager and Data Protection Officer (DPO) to ensure compliance with applicable Information Security Standards (ISO27001 / Cyber Essentials Plus, NIS2) as well as the General Data Protection Regulation (GDPR) and other applicable data protection laws. This role reports to the Director of Governance, Risk & Compliance and will coordinate with the Compliance department. You will oversee data protection strategies, implement policies, and ensure the secure processing of data within the organization. The role requires strong expertise in information security compliance, data privacy, legal compliance, and risk management.

Job Responsibilities

Data Privacy Compliance & Advisory

  • GDPR Compliance: Monitor and ensure compliance with GDPR, national data protection laws, and internal privacy policies; provide internal expert advice on data protection matters and privacy risks; act as the primary contact with supervisory authorities (ICO, CNIL, AEPD); conduct regular privacy impact assessments (DPIAs) for high-risk data processing activities; maintain Record of Processing Activities (ROPA).
  • Policies & Training: Develop and implement privacy policies, guidelines, and best practices; develop and deliver training for employees on data protection obligations.
  • DSAR: Oversee and respond to Data Subject Access Requests (DSARs), including rights to access, erasure, and rectification.
  • Breach Management: Ensure breaches are identified, investigated, and reported according to applicable laws and standards.
  • Audit: Conduct internal audits and ensure continuous improvement in data protection practices; support external audits and regulatory assessments.
  • Assessments: Provide guidance on data privacy and information security in contracts and vendor agreements, and address third-party risk assessment requirements.

Information Security Compliance

  • Certifications: Manage certification compliance programs (ISO27001 / Cyber Essentials Plus); lead and coordinate annual certification efforts.
  • Other Cybersecurity Laws and Regulations: Support compliance efforts regarding the EU's emerging data and cyber laws (NIS2, Data Act).
  • Governance: Support ongoing information security compliance and governance activities.

Collaboration & Stakeholder Engagement

  • Work closely with Legal, IT, Compliance, HR, Internal Audit, and external partners to align data protection strategies.

Job Skills Requirements

  • Strong knowledge of GDPR, ePrivacy Directive, ISO27001, and national data protection laws.
  • Experience in privacy law, compliance, or data security.
  • Familiarity with data governance, cybersecurity, and IT security frameworks.
  • Strong communication skills to engage with internal teams and external regulators.
  • Ability to handle sensitive and confidential information with integrity.

Preferred Qualifications

  • Legal, IT security, or compliance background.
  • Certification in CIPP/E, CIPM, CIPT, CISSP, or equivalent privacy or cybersecurity qualification.
  • ISO 27001 Lead Auditor certifications and experience.
  • Experience conducting privacy impact assessments (DPIAs) and managing data breaches.
  • Strong attention to detail and analytical skills.
  • Ability to work independently and make risk-based decisions.
  • Strong organizational skills for managing compliance documentation.
  • Proactive approach to identifying and mitigating data protection risks.