Data Protection, Business Continuity & Resilience Manager

What you'll be doing:

Data Protection (DPO)

• Act as the organisation’s statutory Data Protection Officer, ensuring full GDPR compliance.
• Manage and maintain the GDPR Governance Framework.
• Advise senior leaders on data protection law and its impact on operations.
• Lead data breach investigations and liaise directly with the ICO.
• Drive organisation-wide privacy awareness and oversee training needs.
• Serve as the main contact for regulators and individuals exercising data rights.

Business Continuity

• Oversee and develop the organisation’s Business Continuity Framework.
• Lead BIAs, risk assessments and scenario planning for critical processes.
• Embed and maintain continuity plans across all business units.
• Run testing cycles, desktop exercises and simulations.
• Report on organisational readiness and recommend improvements to the SLT.

Crisis Management & Resilience

• Lead the design and delivery of the Crisis Management Framework.
• Support and coordinate crisis response during real-time incidents.
• Produce post‑incident reviews and drive continuous improvement.
• Ensure alignment with Group crisis and continuity expectations.

Security & Resilience Frameworks

• Oversee organisational security and resilience frameworks across all sites.
• Monitor security controls, assurance activity and compliance levels.
• Coordinate SMEs to ensure effective incident management and resilience controls.
• Produce high‑quality MI, dashboards and thematic insights for governance bodies.

Risk Framework Support

(Supporting the General Counsel)

• Embed operational structures supporting enterprise risk management.
• Lead security risk assessments and insider threat mitigation activities.
• Support competition law compliance through appropriate frameworks and training.
• Feed resilience and incident insights into ERM reporting cycles.
• Support risk owners with workshops, assurance and Group reporting.

Leadership & Governance

• Promote a culture of accountability, preparedness and strong governance.
• Act as a trusted adviser to the HR Director, General Counsel and SLT.
• Lead cross-functional groups across resilience, privacy and security.
• Ensure frameworks and processes are clear, accessible and embedded.
• Produce high-quality reports and updates for senior governance bodies.

Learning & Development

• Lead organisation‑wide training for data protection, continuity, crisis management and security.
• Ensure mandatory and role-specific learning is up to date and impactful.
• Support capability pathways for resilience‑related roles.
• Monitor compliance and report progress to the SLT.

Innovation & Improvement

• Identify opportunities to modernise and strengthen resilience, security and data protection.
• Keep up to date with emerging risks, trends and best practice.
• Lead pilot initiatives to improve frameworks and testing.
• Promote innovation, learning and continuous improvement across teams.

Please Note: This is only a brief overview of the roles responsibilities, not an exact picture. Should you meet the minimum requirements of the role, we encourage you to apply!