Location: Leeds/Dublin
Hybrid: 2 days per week (Dublin only) with occasional travel
What You’ll Do
* Establish and maintain data protection framework, policies, procedures and related documentation;
* Work with colleagues in other geographical locations to enable the development of global standards, knowledge transfer, and guidelines;
* Coordinate assurance activities across the three lines of defense, including internal audit, compliance testing, and external reviews, as required;
* Develop assurance reporting that provides clear insight into control efficiency, risk trends, and systemic weaknesses;
* Define and maintain control framework, mapping regulatory requirements;
* Coordinate control design efficiency reviews and operating effectiveness testing;
* Implement and mature the data protection risk management framework, aligned to Flutter’s Risk Management framework; assess risks across the Division and escalating and reporting as required;
* Horizon‑scan regulatory developments and assess impacts on the risk and control environment;
* Coordinate and be responsible for the data protection programme and projects;
* Establish and maintain data protection KRIs, control metrics, and assurance dashboards;
* Proactively resolve ad‑hoc queries related to complex analysis, acting as a proactive subject‑matter expert;
* Develop materials, own the rollout of training and awareness initiatives;
* Establish and maintain positive relationships with key partners across the Division;
* Line‑manage a team of two and act as a point of escalation on all data protection matters for junior members.
How You’ll Do It
* Have extensive experience operating a second‑line risk and assurance role within a GRC or risk management function;
* Possess a strong understanding of risk assessment methodologies and control testing;
* Hold industry‑recognised qualifications in data protection (CIPP/e, CIPM and/or CIPT through the International Association of Privacy Professionals (IAPP));
* Graduate (degree, master or equivalent) in Law, Business or a similar field;
* Demonstrate excellent validated knowledge of data protection and e‑privacy law in Ireland, UK and Europe;
* Have previous experience leading and mentoring teams;
* Be experienced in working with and running operations through data protection software platforms and possess strong MS Office skills, particularly Excel, SharePoint and PowerPoint;
* Be confident working cross‑functionally with all levels of management, both internally and externally.
What We’ll Offer You
* £1,000 learning fund;
* Twice‑yearly bonus (with part of it guaranteed);
* Pension contribution scheme;
* Private healthcare;
* Flexible ways of working – home or office, it’s your choice;
* Access to thousands of Udemy courses;
* Investment via the Company Sharesave Scheme;
* 16 hours paid volunteering time per year.
#J-18808-Ljbffr