The Role
As Head of Data Protection and Privacy, youll play a critical role in ensuring regulatory compliance and best practice across GDPR, PECR, US state privacy laws, and ISO27001/ISO27701. Reporting directly to the Chief Information Security Officer (CISO), youll be responsible for driving the data protection strategy, managing regulatory relationships, and leading a team to embed a culture of privacy compliance across MAG and CAVU.
Youll be the nominated Data Protection Officer (DPO) for MAG and CAVU, serving as the primary contact for the Information Commissioner's Office (ICO) and other regulatory bodies. This is a senior leadership role requiring expertise in data protection, compliance, and risk management, alongside the ability to work across business functions to align priorities with key strategic objectives.
What will make you successful?
1. Youll have experience in data protection, compliance, or cybersecurity, with in-depth knowledge of GDPR, PECR, ISO27001, ISO27701, and US privacy laws.
2. Strong regulatory and compliance leadership Proven experience managing compliance programs, liaising with regulatory bodies, and handling notifiable incidents with the ICO.
3. Strategic thinker and problem solver Ability to define and implement a data protection strategy, ensuring alignment with business goals and continuous improvement in compliance activities.
4. Risk management and governance Experience developing and enforcing policies, risk management frameworks, and audit programs to support data privacy and information security objectives.
5. Stakeholder management and communication Ability to influence and advise senior leaders, legal teams, and internal audit functions while delivering training and awareness programs across the organisation.
6. Team leadership and collaboration Experience leading and developing high-performing teams, with a strong focus on fostering a culture of privacy awareness and compliance.
7. Industry-recognised certifications Ideally holding certifications such as CIPM, CIPP/E, CIPT, ISO27001 Lead Auditor/Implementor, CISM, or CISSP.
This is a fantastic opportunity to shape the future of data protection and privacy at MAG, ensuring compliance, risk management, and security remain at the heart of our operations.