Privacy and Data Protection Manager (Hybrid)

Client: Holland & Knight LLP

Location: Birmingham, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Reference: 9af09dc7f4ed

Job Views: 6

Posted: 05.05.2025

Expiry Date: 19.06.2025

Description: The Privacy and Data Protection Manager will be responsible for improving the Firm’s Data Loss Prevention (DLP) program, conducting and overseeing data egress investigations, supporting the Firm’s privacy incident and breach response plans, and enhancing data protection controls strategies. This role requires experience with Data Loss Prevention (DLP), including investigations related to data loss, exfiltration, or unauthorized data access, and familiarity with eDiscovery solutions or similar technologies. The ideal candidate will have an IT or legal background, strong investigative and analytical skills, and thrive in a fast-paced environment.

1. Improve data loss prevention controls and strategies to protect confidential information, ensuring compliance with legal, regulatory, and contractual obligations.
2. Respond to data egress incidents, conduct investigations, and develop corrective actions or training as needed.
3. Develop metrics plans and report on the DLP program.
4. Prepare incident reports for senior management.
5. Enhance investigation policies, processes, and procedures.
6. Support privacy incident and breach reporting, collaborating with stakeholders and legal counsel.
7. Ensure documentation and adherence to compliance standards and internal controls.
8. Assist in privacy and compliance communication campaigns, including training needs assessment.
9. Conduct risk assessments, develop mitigation plans, and escalate risks appropriately.
10. Support vendor risk management and DPIA programs to ensure third-party compliance.
11. Monitor and oversee remediation efforts to support ongoing compliance.
12. Assist with the Firm’s Integrated Risk Management (IRM) program.
13. Provide regular updates and reports for the PIMS Council.
14. Support audits and evidence collection processes.
15. Perform special projects and additional duties as assigned.

• At least 5 years of professional experience in IT, legal, or investigative roles.
• Knowledge of data handling, privacy principles, data governance, or related areas.

• Experience with Microsoft tools is preferred.
• Industry certifications such as CIPP or CIPM are preferred.

• Ability to sit or stand for extended periods.
• Proficient keyboard skills.

We offer a comprehensive benefits package including paid time off, holidays, parental leave, health plans, insurance, retirement plans, and support resources for health and well-being.