Location: Hams Hall
Hours: 40 hours per week, Monday to Friday
Salary: Up to £34,000
We are looking for an experienced Information Security & Data Protection Advisor to guide and strengthen our approach to data protection, privacy, and information security. You will act as a trusted expert, advising senior leadership and teams across the organisation, ensuring compliance, managing risk, and embedding privacy‑ and security‑by‑design practices.
Your Tasks
* Advise leadership and teams on data protection obligations, ensuring compliance with GDPR, UK GDPR, and sector‑specific laws.
* Maintain Records of Processing Activities (RoPA), manage data flows, and oversee Data Protection Impact Assessments (DPIAs).
* Act as liaison with regulators (e.g., ICO) and handle investigations, data subject requests, and breach/incident response.
* Review policies, contracts, and vendor agreements to embed privacy‑by‑design and ensure compliance.
* Deliver training and awareness programs to foster a strong culture of privacy and security.
* Develop, maintain, and continuously improve the organisation’s information security framework, including policies, standards, and procedures.
* Monitor and respond to security incidents, manage vendor security compliance, and oversee business continuity and disaster recovery.
* Collaborate with IT, development, and operations to embed security controls and ensure secure system design.
* Lead security awareness initiatives and report on security posture, risks, and KPIs to senior management.
* Stay informed on emerging cyber threats, regulatory changes, and best practices, advising leadership on risk mitigation.
Your Profile
* Strong knowledge of data protection and privacy laws (GDPR, UK GDPR, UK DPA) and sector‑specific regulations.
* Experience in a similar role (DPO, Privacy Officer, Information Security Officer, or equivalent).
* Skilled in risk assessment, audit, governance, incident response, and vendor risk management.
* Excellent communication and influencing skills, able to translate technical topics for non‑technical stakeholders.
* Strong analytical, problem‑solving, and project management abilities.
* Able to work independently while collaborating across IT, legal, HR, and operations.
* Integrity, independence, and discretion, with high confidentiality standards.
* Degree in information security, computer science, law, or a related field; certifications in privacy or cybersecurity desirable.
We Offer
* 25 days annual leave plus 8 UK bank holidays with the option to purchase up to an additional 5 days
* Pension contribution
* A life assurance policy that pays out 4 x Salary
* Employee Assistance Programme that provides you with confidential support, information, and advice to help you
* Employee Discount Scheme
* Free car parking