Data Protection & Compliance Manager | GDPR, PECR, CCPA/CPRA & Consent Frameworks
Greenfield Privacy Function Build | Digital Product, Marketing & Ad-Tech
* UK-Remote - (optional London office)
* £60k-£75k + Bonus
This is an opportunity to join the technology and product team of a globally trusted media brand that has recently expanded into the financial comparison space (think CompareTheMarket or MoneySupermarket). The platform is live and growing quickly, particularly across the US market.
The organisation does not yet have a formal Privacy & Data Protection function.
This role exists to build it from the ground up — defining standards, frameworks, tooling and operational workflows from scratch.
You’ll work closely with Product, Engineering, Marketing, Analytics and Ad-Tech teams to ensure data practices are compliant, transparent and technically sound.
The Role
You’ll design, implement and own the Privacy & Data Protection framework across multiple regions, with a particular focus on consent management, cookie/tracking behaviour, email compliance and US/UK/EU regulatory differences.
Your day-to-day will include:
* Establish and own the Privacy & Data Protection framework across UK, EU and US regions.
* Run DPIAs, DSARs, incident response and vendor reviews end-to-end.
* Map and document data flows across product, analytics, martech and CRM systems.
* Manage and optimise cookie and consent behaviour, including regional consent logic and 1st/3rd party tracking.
* Configure and maintain Consent Management Platforms (e.g., OneTrust or similar).
* Ensure compliant email and marketing data practices (opt-in records, suppression lists, unsubscribe hygiene).
* Advise Product and Engineering teams to embed privacy-by-design in new features.
* Lead internal training and act as the primary privacy contact across the business.
* This is a hands-on operational role, not policy-only.
Non-Negotiables:
* Hands-on experience in a Privacy / Data Protection role within a digital or data-led organisation.
* Practical experience configuring cookie/consent tools (e.g., OneTrust, TrustArc, Cookiebot).
* Clear understanding of explicit vs implicit consent and opt-in vs opt-out models (GDPR/PECR vs CCPA/CPRA).
* Confident managing email marketing compliance and CRM consent records.
* Experience building or establishing privacy processes or frameworks — not just maintaining existing ones.
* Able to translate regulatory requirements into practical product and technical implementation.
Nice to Have
* Experience in comparison, fintech or other high-traffic consumer platforms.
* Exposure to ISO 27001 / SOC 2 environments.
* Experience collaborating with security, DevOps or product engineering teams.
Why join:
* Greenfield build: You’re defining the privacy foundation — not inheriting one.
* Ability to meaningfully influence product direction and customer experience.
* Practical, modern, real-world approach to privacy (no checkbox compliance).
* Highly collaborative culture with autonomy and ownership.
Employee Benefits
* 10% performance bonus
* 100% remote (UK-based) – optional London office
* Private health cover
* Unlimited holiday
* Generous corporate benefits package
Data Protection & Compliance Manager | GDPR, PECR, CCPA/CPRA & Consent Frameworks
Greenfield Privacy Function Build | Digital Product, Marketing & Ad-Tech