Senior Data Protection Compliance Associate Director

We are partnering with a leading global construction client renowned for delivering complex projects across the built environment.

We are seeking an experienced data protection professional to lead and oversee GDPR compliance across the organisation. The role combines strategic leadership, operational management, and expert advisory responsibilities, ensuring the business operates in line with data protection legislation while supporting key commercial objectives.

• Lead and monitor GDPR compliance plans and track progress through defined KPIs.
• Provide tailored data protection advice for strategic projects and negotiate data protection terms for critical contracts.
• Develop and implement a global data protection framework to support business growth and operational models.
• Draft, review, and manage policies, procedures, and contract documentation in compliance with GDPR and UK data protection law.
• Promote the organisation as a sector leader in data protection.
• Oversee GDPR training programmes, ensuring mandatory compliance across teams.
• Design communication plans to support GDPR initiatives and performance metrics.
• Represent the business at national and international conferences and engage with external practitioners and industry bodies.
• Establish and chair GDPR steering groups to address issues such as data breaches, data ownership, and subject access requests (SARs).
• Serve as the EU Representative to ensure post-Brexit compliance.
• Lead, mentor, and manage the data protection team, fostering a high-performing culture.
• Manage GDPR legal retainers with external counsel in line with strategic and commercial objectives.
• Drive continuous improvement by applying best practices and lessons learned.
• Contribute to organisational strategy, providing expert guidance to senior leadership.
• Support net zero carbon initiatives by monitoring and managing associated emissions during project delivery.

• Strategic thinker with experience delivering GDPR objectives aligned with wider business goals.
• Strong organisational skills, able to manage multiple priorities and meet deadlines.
• Proactive ownership of tasks and commitments, safeguarding organisational reputation.
• Effective leadership skills with the ability to set clear objectives and share knowledge.
• Excellent interpersonal skills and the ability to engage effectively at all levels.

• CIPP/E qualified or qualified data protection lawyer.
• Extensive knowledge of GDPR, national data protection laws, and ICO guidance.
• Experience as a Data Protection Officer or senior data protection lead in a commercial setting.
• Proven ability to apply data protection law in commercial contexts.
• Strong IT skills, including proficiency with Adobe and Excel.

“People Group is an equal opportunity employer. We embrace diversity and are committed to promoting an inclusive environment for both our clients and employees"